Working with ModSecurity
Carlos Escalante avatar
Written by Carlos Escalante
Updated over a week ago

All shared and reseller web hosting accounts come enabled with mod_security. Mod_security is a "firewall" for your website and helps prevent people from compromising your website. Please keep in mind that it's still required for you to keep your scripts up to date, mod_security will not block every hack attempts, only commonly used ones. If you are seeing a "406 Error" that is related to a mod_security block.
Just like in any virus or firewall software, there can be false posiitves and depending on the way you have your site configured or the scripts you use, mod_security might interfere with your website. You have the option to disable mod_security if it will not work with your website, however we highly recommend keeping it enabled so your website(s) is protected.
There are two ways to disable mod_security.

  1. Recommended: Log into cPanel and click on the ModSecurity icon and then click on the 'Disable' button on the top of that page.

  2. Advanced Users: Edit the .htaccess file in public_html and add SecFilterEngine Off to the top of that file.

Did this answer your question?