ModSecurity is a web application firewall that protects websites from common attacks.
It works by filtering incoming requests before they reach your website.

ModSecurity runs on the server and operates automatically.

What ModSecurity Protects Against #

ModSecurity helps protect against:

• SQL injection attacks
• Cross-site scripting (XSS)
• Malicious bots
• Known exploit patterns
• Automated scanning attempts

It blocks suspicious requests before they can cause damage.

How ModSecurity Works #

ModSecurity:

• Analyzes incoming traffic
• Applies security rules
• Blocks or logs suspicious behavior

This process happens in real time and does not require user interaction.

What ModSecurity Does Not Do #

ModSecurity does not:

• Fix vulnerable website code
• Replace regular updates
• Guarantee a website cannot be compromised
• Protect against all possible attacks

Website security also depends on proper configuration and updates.

Impact on Website Behavior #

In some cases, ModSecurity may:

• Block legitimate form submissions
• Prevent specific actions in plugins or scripts
• Trigger false positives

This is more common with custom or outdated software.

Managing ModSecurity #

ModSecurity rules are managed at the server level.

Customers:

• Cannot modify core rules
• Cannot disable ModSecurity globally

In specific cases, limited adjustments may be handled via support after review.

When ModSecurity Issues Occur #

Common signs include:

• Forms not submitting
• Unexpected 403 errors
• Features working intermittently

These are usually caused by rule triggers.

What You Should Do if Something Breaks #

If ModSecurity blocks legitimate functionality:

• Identify the exact action that fails
• Contact ProRedLine support
• Provide clear reproduction steps

Do not attempt to bypass security controls.

Responsibility Notice #

You are responsible for:

• Keeping website software up to date
• Using secure plugins and themes
• Avoiding insecure code

ModSecurity is a protective layer, not a substitute for maintenance.