I already have ConfigServer Security & Firewall installed, should I also have Mod Security Installed as well?
Hello 
Yes, utilizing Mod_Security can help protect against web application attacks. You can enable Mod_Security through EasyApache. Our documentation on it is available at:
cPanel - Mod_Security
Thank you.
Yes, utilizing Mod_Security can help protect against web application attacks. You can enable Mod_Security through EasyApache. Our documentation on it is available at:
cPanel - Mod_Security
Thank you.
Yes, I will also suggest you install the mod_sec on your server with the atomicorp.com rules set.
https://www.atomicorp.com/wiki/index.php/Atomic_ModSecurity_Rules
Security Update: Atomic Mod Security setup guide for cPanel | UKHost4u Blog
https://www.atomicorp.com/wiki/index.php/Atomic_ModSecurity_Rules
Security Update: Atomic Mod Security setup guide for cPanel | UKHost4u Blog
Well I'd also like to strongly recommend that but Mod_Security is also a great choice.
Maybe it's good to point out that ModSecurity is a web application firewall, and ConfigServer ModSecurity Control is a tool to control and configure ModSecurity.
If ModSecurity is not installed, then ConfigServer ModSecurity Control is totally useless.
Thanks for the help all! I did realize that, I installed ModSecurity first, and then added the ConfigServer ModSecurity Control.
Note that mod_security is not a firewall. It is an Apache module intended to increase the security of Web sites. It is not the same, and does not have the same intended purpose, as an actual firewall.
Also note that the iptables firewall is built into the Linux kernel and is present on all modern Linux systems. CSF is just a front-end for configuring it. iptables syntax can be very complex, so Web-based configuration tools like CSF are very popular for putting a user-friendly interface on it. What CSF is really doing, though, is configuring the iptables firewall that is built into the Linux kernel.
Also note that the iptables firewall is built into the Linux kernel and is present on all modern Linux systems. CSF is just a front-end for configuring it. iptables syntax can be very complex, so Web-based configuration tools like CSF are very popular for putting a user-friendly interface on it. What CSF is really doing, though, is configuring the iptables firewall that is built into the Linux kernel.
The value of ConfigServer ModSecurity Control is that it allows you to quickly turn mod_security off for testing issues and also allows you to bypass specific rules on a server wide basis or on an account specific basis. Both are very helpful.
Also it gives you a good way to access the mod_security log.