Working with ModSecurity

All shared and reseller web hosting accounts come enabled with mod_security.  Mod_security is a "firewall" for your website and helps prevent people from compromising your website.  Please keep in mind that it's still required for you to keep your scripts up to date, mod_security will not block every hack attempts, only commonly used ones.  If you are seeing a "406 Error" that is related to a mod_security block.

Just like in any virus or firewall software, there can be false posiitves and depending on the way you have your site configured or the scripts you use, mod_security might interfere with your website.  You have the option to disable mod_security if it will not work with your website, however we highly recommend keeping it enabled so your website(s) is protected.

There are two ways to disable mod_security.

  1. Recommended: Log into cPanel and click on the ModSecurity icon and then click on the 'Disable' button on the top of that page. 
  2. Advanced Users: Edit the .htaccess file in public_html and add SecFilterEngine Off to the top of that file.

Was this answer helpful?

 Print this Article

Also Read

How do I parse .html files as .php?

You need to add the following line to your .htaccessAddHandler application/x-httpd-lsphp .htm .html

I can't reach cPanel on port 2082

If you have a firewall or your ISP doesn't allow connections to cPanel on port 2082, you can...

How do I disable server-side caching?

We use Varnish to cache images for 30 minutes and all dynamic content (html, php, etc) files for...

How do I block an IP address from reaching my website?

Please view our video tutorial at: http://www.cpanel.net/media/tutorials/ipdeny.htm  

How do I create a SSL certificate?

Let's be honest, creating SSL certificates can be confusing at times. Let us do the work for you...