ModSecurity, sometimes called Modsec, is a popular Open-source Web application firewall (WAF). Originally designed as a module for the Apache HTTP Server, it has evolved to provide an array of Hypertext Transfer Protocol request and response filtering capabilities along with other security features across a number of different platforms including Apache HTTP Server, Microsoft IIS and NGINX. It is a free software released under the Apache license 2.0.
To disable/enable ModSecurity in cPanel:
- Go to yourdomain.com/cpanel and log in
- Navigate to Security section, look for ModSecurity option
- Here you can Disable/Enable ModSecurity for all domains.
Or, you can choose an individual domain on which to disable/enable ModSecurity. Click the On/Off button.
When you disable ModSecurity, a notice will be shown:Warning: ModSecurity is disabled for one or more of your domains. Only disable ModSecurity while you troubleshoot a problem with your configuration. Without ModSecurity enabled, your domains lose the extra layer of protection that the module provides.