What is Apache modSecurity?
ModSecurity is an Apache module that functions as an embeddable web application firewall. It provides protection from a range of attacks against web applications and allows for HTTP traffic monitoring and real-time analysis with no changes to existing infrastructure. It is also an open source project that aims to make web application firewall technology available to everyone.
When configuring ModSecurity, it is important to know that it is not only the Joomla! application that may require unique rules, but also the data that the application processes.
Quality hosting providers customize mod_security rules to suit each customer.
If you have a conflict between Joomla and ModSecurity, it is often third party components, and sometimes even contact form submissions that trigger the problem. Joomla out of the box usually works with typical ModSecurity settings, but this is dependent on each hosting provider's unique configuration.
Overall, mod_security is a excellent tool, but this is really something your host should manage.
ModSecurity configurations are far too varied and complex to describe here. To learn more, see the following resources: