Enable Apache mod_security

Mod_security operates embedded into the web server, acting as a powerful umbrella – shielding applications from attacks.

In Enscale, you can add this module to your Apache server. As Enscale gives full access to Apaches config files you can define your own custom rules in mod_security.conf. The module can be added to new environments only and it is disabled by default, but can enabled really easy by following these simple steps:

• Log in to your Enscale dashboard.
• Click Config on the Application Node:

• Access the conf.modulesd/ directory and search for 10-mod_security.conf and click on it:

• Once there, activate mod_security by uncommenting the two LoadModule lines in 10-mod_security.conf (mod_security2 + mod_unique_id):

• Finally, restart Apache and you can start using the mod_security module: