Turn off ModSecurity in cPanel Web Hosting: Here is Why?

What is ModSecurity?

If you are using a cPanel Based Web Hosting, then you will see there is something called Mod Security under the security section in your cPanel. Keeping it on will definitely provide you an extra layer of security. However sometimes it can make you suffer as well.

ModSecurity is a web application firewall (WAF) that helps protect websites from various attacks, including SQL injection, cross-site scripting (XSS), and other common web vulnerabilities. In cPanel, ModSecurity can be enabled and configured to enhance the security of websites hosted on the server. Here’s how ModSecurity works in cPanel:

1. Enabling ModSecurity: As a server administrator or web hosting provider, you can enable ModSecurity for all websites hosted on the cPanel server. This can typically be done through the cPanel interface or via command-line tools like WHM (Web Host Manager).

2. Configuring Rules: ModSecurity operates based on rulesets that define patterns of potentially malicious behavior. In cPanel, you can choose from different ModSecurity rulesets, such as OWASP (Open Web Application Security Project) Core Rule Set, Comodo WAF, or custom rulesets. These rulesets are regularly updated to protect against new threats.

3. Fine-Tuning Rules: cPanel provides options to fine-tune ModSecurity rules to suit the specific needs of your websites. You can adjust rule severity levels, whitelist or blacklist specific rules, and customize rules based on your application’s requirements.

4. Logging and Monitoring: ModSecurity logs all detected security events, allowing you to monitor and review potential threats to your websites. In cPanel, you can access logs through the interface or view them directly in log files on the server.

5. Blocking Malicious Traffic: When ModSecurity detects a potentially malicious request based on its rules, it can take various actions, including blocking the request, logging the event, or presenting a challenge to the user (such as CAPTCHA verification). This helps prevent attacks from reaching your web applications.

6. Performance Considerations: While ModSecurity provides enhanced security, it can also impact server performance, especially if configured with overly strict rules or on servers with limited resources. Administrators should carefully balance security requirements with performance considerations.

7. Regular Updates: It’s essential to keep Mod Security and its rulesets up to date to protect against evolving threats. cPanel often provides updates to it through its software repository, ensuring that server administrators can easily maintain the latest security features.

Overall, ModSecurity in cPanel offers robust security features to help safeguard websites hosted on cPanel servers against a wide range of web-based attacks. By enabling and properly configuring ModSecurity, server administrators can significantly enhance the security posture of their hosting environment.

When should you turn it off ?

If you are noticing that you’re unable to access your site from your device but your friends can easily access it then there can be one factor that can cause this issue. In that case you may try to login to your cPanel and consider disabling Mod Security.

How does that happen ?

This happen because Mod Security blacklist your IP address if it finds that your device is doing something unusual. Do not afraid regarding low security if you’re turning it off because your cPanel already comes with tons of securities and it also include some plugin that is providing you some extra security.

Also Read: How to keep your WordPress Website secure?

Will it affect my Website Security ?

Do not turn off if you’re not facing any issue with accessing your site, but if you do, only from your device or your particular IP address then turning Mod Security off won’t hurt you in any way.

By default, Mod Security remain on in any newly created cPanel and it is a software basically designed for the server that uses Apache and comes with cPanel. You don’t have to manually run the Mod Security for any protection purpose as it is by default run on every new account that is created in your server.

What is the Main Purpose of ModSecurity for cPanel ?

The main purpose of Mod Security is that it helps you protect from the brute force attack. Also, not forget, when you turn off the Mod Security after suffering from accessing the site, you can remove your IP address and again turn it back on. Sometime your IP may get block if you’re using VPN but that’s not the regular case, however the chances are 50-50.

You can also follow us on Facebook: https://facebook.com/nestnepalofficial.

Frequently Asked Questions(FAQ)