Include ModSecurity and OWASP ModSecurity Core Rule Set (CRS)
Many websites / CMS systems get attacked on a daily basis. There is an open source project which is providing ModSecurity rules to mitigate many common attacks. It would be great if ModSecurity and the OWASP ModSecurity Core Rule Set (CRS) is included in ISPconfig in the sense that those rules can be enabled or disabled on a per website basis. ModSecurity is available for nginx and apache.
More information about the project: https://owasp.org/www-project-modsecurity-core-rule-set/ or here https://coreruleset.org/