How to manage the ModSecurity module in cPanel

This article describes how to manage the ModSecurity (also referred to as "Modsec") module in cPanel.

About ModSecurity

ModSecurity is an Apache module that provides an extra layer of protection for your account. It provides HTTP request filtering and other capabilities to help detect and block attacks before they can reach an application.

By default, the ModSecurity module is enabled. However, there may be situations where you need to disable ModSecurity for testing or troubleshooting purposes. For example, it is possible an application may not function correctly when ModSecurity is enabled. To verify this, you can disable ModSecurity and see if the application works correctly.

Managing ModSecurity

To manage the ModSecurity module for your account, follow these steps:

1. Log in to cPanel.
   If you do not know how to log in to your cPanel account, please see this article.
2. Open the ModSecurity tool:
   • If you are using the Jupiter theme, on the Tools page, in the Security section, click ModSecurity:

     

   • If you are using the Paper Lantern theme, in the SECURITY section of the cPanel home page, click ModSecurity:
     

     

3. To disable ModSecurity, do one of the following:
   

   • To disable ModSecurity for all of your domains, under Configure All Domains, click Disable.
   • Alternatively, to disable ModSecurity for a specific domain, under Configure Individual Domains, locate the domain, and then click Off.

4. To re-enable ModSecurity, do one of the following:
   

   • To enable ModSecurity for all of your domains, under Configure All Domains, click Enable.
   • Alternatively, to enable ModSecurity for a specific domain, under Configure Individual Domains, locate the domain, and then click On.

More Information

For more information about ModSecurity, please visit https://github.com/SpiderLabs/ModSecurity/wiki.