How to enable/disable ModSecurity for your domains in cPanel

In the latest versions of cPanel, you have the ability to disable/enable ModSecurity from your cPanel account.

Notice that you may not have this option enabled in cPanel. Ask your host.

ModSecurity, sometimes called Modsec, is a popular Open-source Web application firewall (WAF). Originally designed as a module for the Apache HTTP Server, it has evolved to provide an array of Hypertext Transfer Protocol request and response filtering capabilities along with other security features across a number of different platforms including Apache HTTP Server, Microsoft IIS and NGINX. It is a free software released under the Apache license 2.0.


cpanel modsecurity
cPanel ModSecurity

To disable/enable ModSecurity in cPanel:

  1. Go to and log in
  2. Navigate to Security section, look for ModSecurity option
  3. Here you can Disable/Enable ModSecurity for all domains.
    Or, you can choose an individual domain on which to disable/enable ModSecurity. Click the On/Off button.
    When you disable ModSecurity, a notice will be shown:


    Warning: ModSecurity is disabled for one or more of your domains. Only disable ModSecurity while you troubleshoot a problem with your configuration. Without ModSecurity enabled, your domains lose the extra layer of protection that the module provides.

Check our video on this:

Enable/disable mod_security

Leave a Reply