Working with ModSecurity
Carlos Escalante avatar
Written by Carlos Escalante
Updated over a week ago

All shared and reseller web hosting accounts come enabled with mod_security. Mod_security is a "firewall" for your website and helps prevent people from compromising your website. Please keep in mind that it's still required for you to keep your scripts up to date, mod_security will not block every hack attempts, only commonly used ones. If you are seeing a "406 Error" that is related to a mod_security block.
​
Just like in any virus or firewall software, there can be false posiitves and depending on the way you have your site configured or the scripts you use, mod_security might interfere with your website. You have the option to disable mod_security if it will not work with your website, however we highly recommend keeping it enabled so your website(s) is protected.
​
There are two ways to disable mod_security.
​

  1. Recommended: Log into cPanel and click on the ModSecurity icon and then click on the 'Disable' button on the top of that page.

  2. Advanced Users: Edit the .htaccess file in public_html and add SecFilterEngine Off to the top of that file.

Did this answer your question?