1. cPanel & WHM Documentation
  2. cPanel
  3. Security
  4. ModSecurity®
cpanelui modsecurity security

ModSecurity®

Valid for versions 82 through the latest version

Version:

82

Last modified: July 3, 2024

Overview

Warning:

We strongly recommend that you enable ModSecurity for all of your domains. Only disable ModSecurity while you troubleshoot ModSecurity-related problems.

This interface allows you to enable or disable ModSecurity for your domains. If you disable ModSecurity for a domain, that domain will not have any ModSecurity rules applied to it. For more information about ModSecurity rules, read our OWASP® ModSecurity CRS documentation.

Note:

If you cannot access this interface from your cPanel account, ask your hosting provider to perform the following steps in WHM:

  • Install the mod_security2 module in the Apache Modules section of WHM’s EasyApache 4 interface (WHM » Home » Software » EasyApache 4).

  • Enable the ModSecurity Domain Manager feature in WHM’s Feature Manager interface (WHM » Home » Packages » Feature Manager).

Enable for all domains

To enable ModSecurity for all of your domains, click Enable.

Disable for all domains

To disable ModSecurity for all of your domains, click Disable. A confirmation message will appear. Click Disable All to disable ModSecurity.

Configure Individual Domains

Note:

You must enable ModSecurity under Configure All Domains before you can configure ModSecurity for individual domains.

To enable or disable ModSecurity for a specific domain, select On or Off.

Additional Documentation