What is ModSecurity?

ModSecurity is a web application firewall that provides website protection from a range of attacks against web applications and allows for HTTP traffic monitoring, logging and real-time analysis.

It is used to block commonly known exploits against websites used by hackers and other malicious attacks (such as code injection or cross scripting attacks) by the use of matching regular expressions and rule sets.

To detect threats, the ModSecurity engine scans all the requests and relative responses which come to the web server (and which are sent from the server respectively), as per its set of rules. If the check succeeds, then the HTTP request is passed to the website content but if it fails, then it blocks the request.

More information on ModSecurity can be found here: https://www.modsecurity.org/about.html

ModSecurity is enabled on all Pay Monthly Hosting servers and accounts by default.

Sometimes, when carrying out administration tasks on your website such as a WordPress blog or a Joomla site, ModSecurity may be triggered and block the activity that you are trying to accomplish.

This is because ModSecurity matches the request you are making to one of the "banned" rules and passes this information to our Imunify360 firewall.

If you continue to do this your IP address will be blocked from accessing our servers. To unblock your IP address and regain access you will be presented with a CAPTCHA screen that you have to complete. More details on Imunify360 can be found here: What is Imunify360?

The best way to manage this is to disable ModSecurity for your website whilst you carry out your activity and then re-enable ModSecurity when you have finished.

For DirectAdmin accounts, ModSecurity cannot be controlled from with your hosting control panel.

For cPanel accounts, the ModSecurity control icon can be found under the SECURITY section.


ModSecurity in cPanel

  • 0 Users Found This Useful
Was this answer helpful?

Related Articles

What is Lets Encrypt SSL?

Lets Encrypt is an automated SSL certificate that can be used to protect both your website and...

Resources (Limits and Usage) - Pay Monthly Hosting plan

Within cPanel you can see the particular Pay Monthly Hosting plan resources that are allocated to...

Why is there a folder called .well-known in my webspace?

What is the .well-known folder or directory in my public_html directory? I have not created or...

How to install WordPress using Softaculous

If you have purchased a Pay Monthly Hosting plan and wish to install WordPress, we would...

How can I test or preview my website before DNS propagation is completed?

Once you have created a website hosting account with us you may wish to preview your website...

Powered by WHMCompleteSolution