What is ModSecurity and how to use it?

Posted at August 4, 2016 at 4:34 pm by Jithin

ModSecurity is an open-source web-based firewall application (or WAF) supported by different web servers: Apache, Nginx and IIS. With over 70% of all attacks now carried out over the web application level, organizations need every help they can get in making their systems secure.

ModSecurity is a web application firewall that can work either embedded or as a reverse proxy. Web application firewalls are deployed to establish an external security layer that increases the protection level, detects, and prevents attacks before they reach web-based software programs.

It provides protection from a range of attacks against web applications and allows for HTTP traffic monitoring, logging and real-time analysis. ModSecurity commonly installed in conjunction with Apache, an open source web server. The benefits of using mod_security are numerous, and encompass defense from many kinds of web-based attack including code injection and brute force attacks.

The module is configured to protect web applications from various attacks. ModSecurity supports flexible rule engine to perform both simple and complex operations. It can potentially block common code injection attacks which strengthens the security of the server. It comes with a Core Rule Set (CRS) which has various rules for: cross website scripting, bad user agents, SQL injection, trojans, session hijacking, and other exploits.

 

Enable Mod-Security in cPanel

Here we can discuss about how to enable ModSecurity in your cPanel interface.

1) Login to your cPanel account.

2) Go to the section ‘Security’.

ModSecurity

 

3) Click the icon ‘ModSecurity’.

ModSecurity

 

4) Here you can see the option for enabling the ModSecurity. Click the button ‘Enable’.

ModSecurity

 

5) Now you can see a message ‘ModSecurity is enabled for all of your domains.

 

If you need any further assistance please reach our support department.

 

 

5.00 avg. rating (89% score) - 1 vote

You can skip to the end and leave a response. Pinging is currently not allowed.

Leave a Reply