Hello Christian J,
ModSecurity is a web application firewall. It blocks the incoming web request depending on the added ruleset. You can protect your web application using ModSecurity against attacks like session hijacking, SQL injection, cross-site scripting, etc.
If ModSecurity is not enabled, our domains lose the extra layer of security protection that the WHM provides. By default, mod_security is enabled on all our servers from the provider end. ModSecurity supports a flexible rule engine to perform both simple and complex operations.
However, you can follow the method below in order to enable ModSecurity through WHM,
- Firstly, log in to your WHM account.
- Then, activate the mod security module from the below path,
- Now, navigate to the ModSecurity Vendors interface.
- Next, set up the OWASP rule set.
- Lastly, navigate to see the logged notifications and blocked traffic from these rules.
ModSecurity is a firewall for online applications. It scans incoming web traffic continuously for risks, preventing harmful connections from reaching apps.
------------------------------
Regards,
Rex Maughan
Leave a comment: