What is ModSecurity?

ModSecurity supplies an array of request filtering and other security features to the Apache HTTP Server, IIS, and NGINX. ModSecurity is a web application layer firewall.

It is free software released under the Apache license 2.0.

ModSecurity is one of the Apache server modules that provides website protection by defending from hackers and other malicious attacks. It is a set of rules with regular expressions that helps to instantly ex-filtrate the commonly known exploits. ModSecurity obstructs the processing of invalid data (code injection attacks) to reinforce and nourish server's security.

To detect threats, the ModSecurity engine scans all the requests and relative responses which come to the web server and which are sent from the server respectively, as per its set of rules. If the check gets succeeded, the HTTP request is passed to the website content but if it fails, then it blocks the request and performs the following actions:

  • Security monitoring and access control
  • Virtual patching
  • Full HTTP traffic logging
  • Security assessment
  • Web application hardening
  • Passive security assessment
  • Simple request or Regular expression based Filtering
  • URL Encoding Validation
  • Auditing
  • IP Reputation
  • Null byte attack prevention
  • Server identity masking
  • Uploads memory limits
  • etc.

In BGOcloud's services, ModSecurity is enabled by default.

If You like to disable it, go to cPanel interface, scroll down to the "Security" tab and click the ModSecurity button

Then You will see, all domains you use in this service, and could disable or enable ModSecurity for one or for all domains:

ModSecurity Home page

Source: WikiPedia

Do you want to run an online business? Start building your website today.

Get Started!

Also Read

cPanel: Forwarding emails

If you have a lot of email accounts, you don`t want to set up everyone of them and you can...

Edit text/config file with File Manager

When You need to edit some configuration file or a web-page file, it is not necessary to download...

cPanel: How to create a new email account

When you buy a domain you want to create a beautiful website. You can do it easily with our...

Build a website with Drag and Drop using SitePad (formerly SiteMush)

Want to build Your personal or business website on your own, but feel like don't have enough...