ModSecurity is a URL firewall and it triggers based on a set of regular expressions (pattern matches). ModSecurity protects websites and web applications from hackers and malware by filtering and monitoring HTTP traffic between a web app and the Internet.
cPanel has this feature by default and uses the OWASP ModSecurity Core Rule Set, created by atomicorp.com.
On our shared hosting packages, LetsHost uses a ruleset provided by https://malware.expert/
Some website changes you attempt to make could trigger one (or more) of the rules often resulting in 403 Forbidden errors, 404 errors or causing your IP address to get blocked by the server.
What can I do if I am getting blocked?
First please open a ticket from your Client Area and provide your IP address as per: ip.letshost.ie with this we can confirm what rule is being triggered.
From there we generally recommend simply turning off ModSecurity while you are making changes to your site and then enabling ModSecurity again once you are finished.
To do this, login to cPanel from your Client Area
- Click Services > My Services
- Click the green Active button beside your hosting account
- Click Login to cPanel on the left-hand side (This will open cPanel in a new tab)
- Under the Security section click the ModSecurity option.
From here you can disable ModSecurity across all of your domains or you can disable each individually with the on/off switches.
Alternatively, we can whitelist the specific rule that is being triggered on your account, we however do not recommend this method for the security implications involved, simply open a ticket from your Client Area and let us know.
If you have any questions on the above, please do not hesitate to 'Open a Ticket' and we will be happy to advise further.