What is mod_security?
ModSecurity is a web form firewall that can work either fixed or as a reversed proxy. It protects a range of attacks opposite web forms and provides for HTTP traffic monitoring, logging, and real-time analysis.
You can install or upgrades are performed automatically when you run EasyApache /scripts/easyapache
Once enabled easyapache, goto WHM -> Plugins -> Mod Security ->Edit Config
click default rules
Mod security configuration will included in /etc/httpd/conf/httpd.conf apache file.
Use the following link for more about mod security options and rules.
Here are some important things to know when you change between ModSecurity versions:
Upgrades are performed automatically when you run EasyApache
The ModSecurity Activity Viewer in WHM complies simply
The rule director in WHM will automatically work with the fixed redaction of ModSecurity’s rules.
Rule syntax is different and placed in different locations. When you transfer between major version amounts of ModSecurity, your mod_security 1 rules will need to be redone in mod_security 2 and vice versa.