I have installed Apache 2.4.7 with Drupal HTTPS site using Let's Encrypt cert. Mod_security is sucessfully installed, but is it able to defend against attacks, since the site is HTTPS?
I tried testing it for the simple SQLi, but it didnt trigger any events.