ModSecurity is a plugin for Apache web servers that acts as a web app layer firewall. It's employed to stop attacks towards script-driven sites through the use of security rules that contain certain expressions. This way, the firewall can stop hacking and spamming attempts and protect even websites that are not updated often. For example, multiple unsuccessful login attempts to a script administrative area or attempts to execute a particular file with the objective to get access to the script shall trigger particular rules, so ModSecurity shall stop these activities the moment it discovers them. The firewall is incredibly efficient as it tracks the whole HTTP traffic to a site in real time without slowing it down, so it will be able to prevent an attack before any damage is done. It additionally maintains an exceptionally thorough log of all attack attempts which contains more information than conventional Apache logs, so you could later examine the data and take further measures to enhance the security of your Internet sites if required.
ModSecurity in Shared Hosting
We provide ModSecurity with all shared hosting solutions, so your web apps shall be shielded from malicious attacks. The firewall is switched on as standard for all domains and subdomains, but in case you'd like, you shall be able to stop it through the respective area of your Hepsia CP. You can also activate a detection mode, so ModSecurity will keep a log as intended, but shall not take any action. The logs that you'll discover in Hepsia are very detailed and include data about the nature of any attack, when it occurred and from what IP, the firewall rule which was triggered, and so on. We employ a range of commercial rules which are often updated, but sometimes our admins include custom rules as well so as to better protect the Internet sites hosted on our servers.