We're implementing security enhancements on our cPanel webserver with OWASP® ModSecurity CRS beginning in July 2022.
Different from a network firewall, ModSecurity is an open-source Web Application Firewall (WAF) with a set of rules that Apache®’s ModSecurity® module uses to protect your web application from potential unpatched, out-of-date applications, or insecure web application design. Upon implementation, potential security risks (https://owasp.org/www-project-top-ten/) that match ruleset will be filtered to protect your web application.
If you're a website developer or web application developer that is using a third party system for development work, such as Postman, you can always temporary enable/disable ModSecurity feature for individual domain in cPanel during development work.
You may follow below steps to enable/disable ModSecurity for individual domain:
1) Login to your cPanel account and search "ModSecurity" in top search bar.
2) Click on the "ON/Off" button to toggle the status.
Since we are using general rule set by default, we can't disable particular rules just for your domain.
If you are getting blocked and wanted to know more, please contact us by open support ticket via client portal.
