mod_security2 is a web application firewall (WAF). On certain servers, this module can be added in the Apache Options interface. To learn about adding modules to your VPS or Dedicated server, see our How to Add and Remove Your Apache Modules article.
When the mod_security2 module is added on one of our servers, we automatically install it with the OWASP Core Rule Set (CRS). OWASP CRS is a list of rules created for WAFs and protects against a variety of common attacks, like SQL injection, cross-site scripting, and local file inclusion. You can find a full list of common attacks that the OWASP Core Rule Set protects in this OWASP CRS article.
Our installations use the recommended configuration. However, if you require a custom configuration, our support team can assist you.