Is there a way to know if mod_security is activated on an apache server using PHP? (without curl)
One thing you could try is using apache_get_modules to discover what modules Apache currently has enabled. Of course this approach will only work on an Apache server and not on other popular HTTP servers.
var_dump (in_array ('mod_security', apache_get_modules ()));