So, you have discovered something is not quite working right on your site?
We run ModSecurity rules on all accounts to protect from hackers/crackers around the world being able to exploit your site by known means. The rulesets are updated regularly so if you notice something used to work and now does not ModSecurity is an option to check out.
So how do we do this?
When logged into your account on DirectAdmin find the ModSecurity widget in the Advanced Settings section.
Once you enter the ModSecurity settings page you will see
Showing you the status of ModSecurity "SecRuleEngine" and listing any disabled rules. ps. We do not recommend disabling ModSecurity entirely by setting it to off.
To see recent ModSecurity rule hits click the Log tab.
In this case ModSecurity rightly denied an external visitor access to the .env file .
If interested in finding out what that file is about follow the link above to a commonly used framework. But would contain goodies such as database credentials, host and application configuration. Eeek!
To see all the information recorded for the entry hover the mouse over the Rule ID. 
Ok, you have seen the rules being hit. You have discovered one which is actually blocking normal behaviour for your application.
To correct that simply click on the "+" icon then "Skip Rule".
This will then disable the rule for your domain.
