Originally Posted by Phil McKerracher
I’d recommend disabling mod_security completely, as described above. In my experience, it generally does more harm than good and I stopped using it myself more than 10 years ago in favour of better alternatives.
I do not recommend disabling it completely but he can ask the host to disable it per rule ID.
Depending on the kind of rules the provider has, ModSecurity can help block spam, hack attempt, brute force, injection, etc… it can also help with your bandwidth and lessen the web server load for useless traffic.
Source link
