ModSecurity is a plugin for Apache web servers that functions as a web application layer firewall. It's employed to stop attacks towards script-driven websites by employing security rules which contain particular expressions. This way, the firewall can prevent hacking and spamming attempts and shield even sites which are not updated often. As an example, a number of failed login attempts to a script administrative area or attempts to execute a particular file with the objective to get access to the script shall trigger certain rules, so ModSecurity will block out these activities the moment it identifies them. The firewall is incredibly efficient as it screens the entire HTTP traffic to an Internet site in real time without slowing it down, so it can prevent an attack before any harm is done. It additionally keeps an exceptionally thorough log of all attack attempts which contains more info than traditional Apache logs, so you could later analyze the data and take additional measures to improve the security of your Internet sites if needed.
ModSecurity in Shared Website Hosting
We provide ModSecurity with all shared website hosting plans, so your web apps will be resistant to harmful attacks. The firewall is switched on by default for all domains and subdomains, but in case you would like, you shall be able to stop it using the respective area of your Hepsia Control Panel. You could also activate a detection mode, so ModSecurity shall keep a log as intended, but will not take any action. The logs which you'll find within Hepsia are extremely detailed and include info about the nature of any attack, when it happened and from what IP, the firewall rule which was triggered, etcetera. We use a set of commercial rules which are regularly updated, but sometimes our administrators add custom rules as well so as to better protect the Internet sites hosted on our machines.