How to Use ModSecurity in cPanel
ModSecurity is an open-source Web Application Firewall (WAF) that runs at the server level and inspects incoming HTTP requests in real time. It blocks common attacks like SQL injection, cross-site scripting (XSS), file inclusion exploits, and more - before they reach your web application.
How to Enable ModSecurity in cPanel
- Log in to your cPanel account.
- Go to Security › ModSecurity.
- You'll see a list of your domains. Toggle ModSecurity On for the domain(s) you want to protect.
ModSecurity can be enabled or disabled individually per domain, giving you flexibility if a particular site experiences false positives.
What ModSecurity Blocks
- SQL injection attempts
- Cross-site scripting (XSS) attacks
- Remote file inclusion
- Malicious bots and scanners
- Known exploit attempts targeting popular CMS platforms like WordPress
Dealing with False Positives
Occasionally, ModSecurity may block a legitimate request - for example, a form submission that contains code-like content. If you notice a feature on your site suddenly stops working after enabling ModSecurity, it may be a false positive. In that case, you can temporarily disable ModSecurity for that domain while you investigate, or contact our support team to review the ModSecurity logs and whitelist the specific rule causing the issue.
ModSecurity + Other Security Layers
For best results, use ModSecurity alongside strong passwords, 2FA, and regular updates to your CMS and plugins.
100% Satisfaction Guarantee
We're so confident you'll love dotCanada that we offer a 30-day money-back guarantee. Not satisfied? Get a full refund, no questions asked.
Ready to Get Started?
Join thousands of Canadian website owners who trust dotCanada for reliable, fast web hosting.
Get Started Today