How to enable ModSecurity using WHM?

To enable ModSecurity in WHM follow the steps:
1. Log in to your WHM account.
2. Activate the mod security module.
3. (Home>>Security Center>> ModSecurityTM Vendors)
4. Go to the ModSecurity Vendors interface.
5. Set up the OWASP rule set.
6. Navigate to see the logged notifications and blocked traffic from these rules.
​

What is ModSecurity?

ModSecurity is a firewall for online applications. It continuously scans incoming web traffic for risks, preventing harmful connections from reaching apps.
​

The web application firewall (ModSecurity) examines all requests to your web server and corresponding answers from the server against its set of rules to detect and prevent attacks against web applications. If the check is successful, the HTTP request is sent to the website for content retrieval.
​

ModSecurity is a critical component of PCI DSS compliance for eCommerce sites, helping to meet Requirement 6.6 by helping to protect your site from external threats. As a result, disabling or deleting the module is strongly discouraged.

It protects your website from a variety of threats. If you disable mod-security on your account, your website will be vulnerable to attacks.