One component of RackState®'s server security system is an Apache module known as ModSecurity (often referred to as “modsec”). This module monitors incoming HTTP requests and blocks any that appear suspicious or match predefined security rules configured by the server administrator.

Ideally, ModSecurity should only block malicious activity. However, in some cases, legitimate requests may also be restricted. Identifying and resolving these situations requires reviewing the server logs for more details.

ModSecurity-related issues typically appear as 400 or 500 HTTP status errors on your website. When this happens, the next step is to check the server error logs to determine which rule was triggered. These logs include details such as the request data, the rule ID, and the IP address involved.

If a valid function on your website is being blocked, it is recommended to review and adjust the code so it does not trigger security rules. Since ModSecurity is designed to detect potential threats, such behavior usually indicates that the code should be improved or optimized.

For websites built using CMS platforms like WordPress or Joomla, where code is often managed by third-party developers, adjusting the code may not always be practical. In such cases, it may be necessary to disable or whitelist the specific ModSecurity rule causing the issue. If needed, you can contact the support team and provide the error details so they can assist with resolving the issue.