Considering a number of attacks on web application these days, one must be pro-active in case of the security. You might already be using Web Application Firewall for your web application security including but not limited to ModSecurity. However, ModSecurity works at the application layer.
That means it is installed with Web Server Software (Apache, Nginx etc). Any malicious packets that travel towards your web application are then blocked by this firewall on the application layer. Packet first arrives on the interface of a server, then it moves to the Linux kernel and eventually, it arrives at the application (here application is a web server). ModSecurity is installed as a module in a web server, which inspects every packet before it is delivered to the web application.