What is ModSecurity? 

Posted By: Ellyse Dwyer
Date Posted: 08/02/2021

Built-in Security 

There are many ways to help protect your website and data with the inclusion of a wide range of plugins and preventative measures. If you missed our latest article on the top 5 WordPress plugins you can check it out here!

One of these ways is by the use of words Modsec or ModSecurity, so what exactly is ModSecurity and how can it benefit your everyday life to help keep your website safe.


What is ModSecurity? 

ModSecurity also commonly known as mod_security or modsec is an open-source web application firewall which is an Apache module.

Let us find out what exactly a web application firewall is.

Web Application Firewall is a specific form of application firewall that filters, monitors, and blocks HTTP traffic to and from a web service. By inspecting HTTP traffic, it can prevent attacks exploiting a web application’s know vulnerabilities.

Vulnerabilities can include.

  • SQL injection
  • cross-site scripting
  • file inclusion
  • improper system configuration.
Now that we have covered how what a Web Application Firewall is, let’s get back to the modsec. Modsec exists on your server and can be turned on and off via your cPanel (Not Recommend) it inspects requests that are made to the server then looks at the traffic and compares the traffic against several regular expressions and rules. Therefore, if modsec finds a match set with these requests set to an active rule, it will block the request thinking of it as malicious.


What Does ModSec Protect Against?

ModSecurity includes the following protection.

  • Real-time security and monitoring and access control.
  • Virtual patching
  • Web application hardening
  • Continuous passive security assessment
  • Simple request or regular expression-based filtering.
  • Auditing
  • IP reputation-based filtering.
  • DOS protection
  • Null byte attack prevention
  • Server identity masking
  • Setting memory limits for web uploads


If you ever need to disable your ModSecurity please view our helpful guide HERE.


Prefer to view a video? Check out our YouTube channel.


You can get more helpful HA how-to videos by liking and subscribing to our YouTube channel.

If you need help ...

As always if you need extra support regarding the content in this article our team at Hosting Australia have a range of development and security services that can help your website perform better and protect it from attack ...

Don't risk your valuable business asset.
Get in contact with us to talk about security, backups, speed optimisations and more.

WordPress Website Design

Hosting Australia has a team of expert WordPress Designers, all based in Australia and ready to assist you with any task. From a ground up new site build, updating security or plugins, or just changing some minor details - we can assist with all aspects on your site.

Hit the button below to find our more and get in contact with our design team today.