Introduction

ModSecurity is a Web Application Firewall that provides website protection from a range of attacks against web applications and allows for HTTP traffic monitoring, logging and real-time analysis.

It is used to block commonly known exploits against websites used by hackers and other malicious attacks (such as code injection or cross-scripting attacks) by the use of matching regular expressions and rule sets.

To detect threats, the ModSecurity engine scans all the requests and relative responses which come to the webserver (and which are sent from the server respectively), as per its set of rules. If the check succeeds, then the HTTP request is passed to the website content but if it fails, then it blocks the request.

ModSecurity is Enabled on all SSDCloud Accounts by Default.

Sometimes, when carrying out administration tasks on your websites such as a WordPress blog or a Joomla site, ModSecurity may be triggered and block the activity that you are trying to accomplish.

This is because ModSecurity matches the request you are making to one of the "banned" rules and passes this information to our Imunify360 firewall.

If you continue to do this your IP address will be blocked from accessing our servers. To unblock your IP address and regain access you will be presented with a CAPTCHA screen that you have to complete. More details on Imunify360 can be found here: What is Imunify360?

The best way to manage this is to disable ModSecurity for your website whilst you carry out your activity and then re-enable ModSecurity when you have finished.