Overview #
With over 70% of all attacks now carried out over the web application level, organizations need every help they can get in making their systems secure.
Web application firewalls are deployed to establish an external security layer that increases the protection level, detects and prevents attacks before they reach web-based software programs.
Usage #
The module is configured to protect web applications from various attacks. ModSecurity supports a flexible rule engine to perform both simple and complex operations. It comes with a Core Rule Set (CRS) which has various rules for:
- cross website scripting
- bad user agents
- SQL injection
- trojans
- session hijacking
- other exploits
Most common errors #
The most common error triggered by a mod_security rule on our shared servers is 403 Forbidden.
It simply states that you do not have permission to access / on the server. Depending on the exact link where you get the error, the path may vary.
ModSecurity works in the background, and every page request is being checked against various rules to filter out those requests which seem malicious. These can be the ones that have been run to exploit vulnerabilities in your website software with the only goal to hack the site.
When to contact us #
Once you have run into the issue triggered by mod_security, the only way to bypass the block is to white-list this rule on the server.
ModSecurity rule(-s) may be whitelisted by our support team only. It is also possible to disable mod_security for the account in whole, but you should understand the risks once the specified module is off.