Running a shared hosting service, a client contacted me if I could disable mod_security
for their webapp. The thing is, there is this patchwork webshop CMS called Prestashop with some hair-raising solutions (I'm not here to complain about that), and for it to function properly one of its technical requirements is that you must not use mod_security
at all.
I was instantly thinking, if I really had to do this, I'd need to change everything, like put all websites into isolated docker containers running different webservers and put an nginx reverse proxy in front of all this, this would be a huge job. Is there any other solution to achieve that malicious requests get filtered on this specific installation without having to make in-depth changes to the server and expose prestashop as a single point of failure?