ModSecurity is a plugin for Apache web servers that acts as a web application layer firewall. It is employed to prevent attacks towards script-driven websites through the use of security rules that contain particular expressions. In this way, the firewall can prevent hacking and spamming attempts and shield even websites that are not updated on a regular basis. For example, a number of failed login attempts to a script administrator area or attempts to execute a specific file with the objective to get access to the script shall trigger certain rules, so ModSecurity will block out these activities the moment it discovers them. The firewall is incredibly efficient since it tracks the whole HTTP traffic to a website in real time without slowing it down, so it will be able to stop an attack before any harm is done. It furthermore keeps a very detailed log of all attack attempts which includes more info than traditional Apache logs, so you can later check out the data and take further measures to improve the security of your websites if needed.
ModSecurity in Shared Web Hosting
We provide ModSecurity with all shared web hosting packages, so your Internet apps shall be shielded from destructive attacks. The firewall is turned on as standard for all domains and subdomains, but if you would like, you will be able to stop it using the respective part of your Hepsia CP. You'll be able to also switch on a detection mode, so ModSecurity shall keep a log as intended, but won't take any action. The logs that you will discover within Hepsia are quite detailed and feature data about the nature of any attack, when it took place and from what IP address, the firewall rule that was triggered, etcetera. We use a range of commercial rules that are regularly updated, but sometimes our admins add custom rules as well so as to efficiently protect the sites hosted on our machines.