mod_security: This Is How We Protect WordPress, Joomla! and Other WCMS and Plugins

Attacks on popular applications/WCMS (web content management systems) and plugins are commonplace today. Security holes in widespread systems and plugins, in particular, are aggressively exploited.

There are good ways to protect your website. The effort you have to invest is minimal – this is what you should do:

  1. Keep your WCMS up to date
  2. Keep your plugins, extensions and themes up to date
  3. Use only the plugins and extensions that you need. Remove plugins that you are not actively using. Less is more.
  4. Protect your admin area via 2-factor authentication. You can choose a hardware solution (Yubikey) or a software one (Google Authenticator).

This is how we protect your website in 1&1 Web Hosting (Shared Hosting)

Today I had an interesting conversation with Georg, one of our security experts from the Shared Hosting IT Operations team (responsible for the daily operations in our company).

Georg and his colleagues monitor external sources such as oss-security, Exploit Database, Metasploit and various other security and WordPress blogs. Internally, we constantly analyze our web hosting systems so that we can quickly identify attack vectors and prevent attacks.

External sources providing valuable information using attractive designs (selection):


If exploits or security holes emerge, we create rules for our Apache web servers to block these exploits in a targeted manner. The individual rules and the rule set as a whole are managed in the mod_security module.

For example, with server-side rules we protect you from:

  • SQL injection
  • Remote file include
  • Local file include
  • XSS (cross-site scripting)
  • Or more generally: security holes in popular plugins and WCMS

We do not use a standard set of rules for this purpose; instead, we actively create and maintain our own. This way, we tailor our rules to your needs and applications.

Our goal is to offer you the best possible protection while maintaining high performance.

This means that we examine and evaluate our set of rules at fixed intervals and, if necessary, disable the rules for exploits that have already been fixed by the developer of the affected plugin or WCMS and thus can no longer be exploited for an attack.
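A targeted rule of the kind described above, and its later retirement, could look like the following. This is an added example, not one of the rules used on the hosting platform; the plugin path `example-gallery/view.php`, the parameter `id`, the rule ID `100001` and the 503 status are assumptions made for illustration.

```apache
# Constructed example. The plugin path, the parameter name and the rule ID
# are hypothetical; status 503 is assumed here because HTTP 503 is the
# symptom this post associates with a mod_security block.

SecRuleEngine On

# Targeted rule: it applies to a single plugin endpoint only and accepts
# nothing but a short numeric value for the "id" parameter. Quotes, SQL
# keywords, path traversal sequences and markup are all rejected without
# the rule having to enumerate individual attack strings. Requests to any
# other URL are not inspected by this rule, which keeps the cost low.
SecRule REQUEST_FILENAME "@endsWith /wp-content/plugins/example-gallery/view.php" \
    "id:100001,\
    phase:2,\
    deny,\
    status:503,\
    log,\
    msg:'example-gallery: id parameter is not numeric',\
    chain"
    SecRule ARGS:id "!@rx ^[0-9]{1,10}$" "t:none"

# Retiring the rule: once the plugin developer has shipped a fix and the
# periodic review finds the rule is no longer needed, it is disabled by
# its ID. The directive must appear after the rule it removes.
# Left commented out here so that the rule above stays active.
#SecRuleRemoveById 100001
```

Because the rule logs its `id` and `msg`, a blocked request can be traced back to one specific rule when a customer reports a broken plugin function.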

Important: Even if we always react as quickly as possible, with the mod_security rules we cannot guarantee you 100% protection against all exploits (e.g. zero-day exploits) in all WCMS and plugins.

What we can do is: work together on the security of our systems and your applications (see above: This is what you should do…).

Can mod_security rules lead to problems with plugins or extensions?

Occasionally, mod_security rules block certain functions that plugins require. We activate these rules nonetheless, because in such cases we regard the security and availability of your applications as more important than the full functionality of a plugin.

HTTP 503 messages may indicate a conflict with mod_security. So if you have problems with a plugin, an extension or the like, please contact our support. Our support team is informed about active mod_security rules and can pass your feedback on to IT Operations.


4 thoughts on “mod_security: This Is How We Protect WordPress, Joomla! and Other WCMS and Plugins”

  1. I use WordPress for my site and I cannot upload photos via the Ultimate Member plugin. I have been advised that this may be because of mod_security.
    Can anyone help please?

    1. 1and1help says:

      Hi Lawrence,

      you might contact our support with more details regarding this query. We need error messages and more information about your installation path. You can reach out to us here:

      Michael, 1&1

  2. Yehya says:

    Hi, I use the Elementor plugin and it’s not working, and I think it’s because of the modsecurity

    In the Chrome browser it gives a white blank screen

    In Firefox:

    The connection was reset
    The connection to the server was reset while the page was loading.

    thank you

    1. 1and1help says:

      Hi Yehya,

      for a deeper investigation of this matter, please write us at with your website and customer credentials. If you can provide us screenshots, that would be helpful.

      Thanks in advance
      Martin, 1&1
