In apache web server Mod_security module helps to protect the website from various attacks. To block commonly known exploits by use of regular expressions, in our all servers we enabled the Mod_security by default.
In dynamic website, sometimes website users will forget to write code to help prevent hacks by doing things such as validating input. Mod_security can help in some cases those users that run sites that don't have security checks in their code.
http://www.your-domain-name.com/wp-login.php?user=userid'">DROP%20TABLE%20users--
This is a simple SQL injection where visiting this would cause the database to DROP and delete the users table from the database. If you are running Mod_Security on your server it will block this from running.
Below are the steps to follow to disable mod_security for one of your domains.
1. Login to cPanel
2. Under the Security section, click on Modsec Manager.
3. Wait for listing all the domains
For Configure All Domains: To enable or disable ModSecurity for all of your domains, click Enable or Disable.
For Configure Individual Domains: To enable or disable ModSecurity for a specific domain, select either On or Off.
Alternatively, if you only need certain select rules disabled instead of having it turned off for an entire domain, you can email to support[at]skylarkhost.com.
You should now know how to turn mod_security on and off for any of your domains that might be encountering problems relating to it being enabled by default.
***Once mod_security is turned off for an account, we will not take any responsibility of hacking the domain, database hacking, data manipulation and other activities which mod_security can prevent.