What is ModSecurity?

ModSecurity is a web application firewall that provides website protection from a range of attacks against web applications and allows for HTTP traffic monitoring, logging and real-time analysis.

It is used to block commonly known exploits against websites used by hackers and other malicious attacks (such as code injection or cross scripting attacks) by the use of matching regular expressions and rule sets.

To detect threats, the ModSecurity engine scans all the requests and relative responses which come to the web server (and which are sent from the server respectively), as per its set of rules. If the check succeeds, then the HTTP request is passed to the website content but if it fails, then it blocks the request.

More information on ModSecurity can be found here: https://www.modsecurity.org/about.html

ModSecurity is enabled on all Pay Monthly Hosting servers and accounts by default.

Sometimes, when carrying out administration tasks on your website such as a WordPress blog or a Joomla site, ModSecurity may be triggered and block the activity that you are trying to accomplish.

This is because ModSecurity matches the request you are making to one of the "banned" rules and passes this information to our Imunify360 firewall.

If you continue to do this your IP address will be blocked from accessing our servers. To unblock your IP address and regain access you will be presented with a CAPTCHA screen that you have to complete. More details on Imunify360 can be found here: What is Imunify360?

The best way to manage this is to disable ModSecurity for your website whilst you carry out your activity and then re-enable ModSecurity when you have finished.

The ModSecurity control icon can be found under the SECURITY section of your cPanel.


ModSecurity in cPanel
  • 0 Users Found This Useful
Was this answer helpful?

Related Articles

MailScanner FAQ's

MailScanner is the email anti-spam protection tool that we use with all cPanel accounts. Here is...

How to install WordPress using Softaculous

If you have purchased a Pay Monthly Hosting plan and wish to install WordPress, we would...

Pay Monthly Drupal Hosting

Pay Monthly Drupal HostingAll of our Pay Monthly Hosting packages are perfect for hosting your...

What is the difference between Shared SSL and Private SSL?

An SSL (secure socket layer) certificate encrypts information as it is transferred across the...

Why is there a folder called .well-known in my webspace?

What is the .well-known folder or directory in my public_html directory? I have not created or...

Powered by WHMCompleteSolution