ModSecurity is a web application firewall. It blocks the incoming web request depending on the added ruleset. You can protect your web application using ModSecurity against attacks like session hijacking, SQL injection, cross-site scripting, etc.
If ModSecurity is not enabled, our domains lose the extra layer of security protection that the WHM provides. By default, mod_security is enabled on all our servers from the provider end. ModSecurity supports a flexible rule engine to perform both simple and complex operations.
However, you can follow the method below in order to enable ModSecurity through WHM,
Firstly, log in to your WHM account.
Then, activate the mod security module from the below path,
Home > Security Center > ModSecurityTM Vendors
Now, navigate to the ModSecurity Vendors interface.
Next, set up the OWASP rule set.
Lastly, navigate to see the logged notifications and blocked traffic from these rules.
ModSecurity is a firewall for online applications. It scans incoming web traffic continuously for risks, preventing harmful connections from reaching apps.
------------------------------ Regards,
Rex Maughan
Comment