ModSecurity is a plugin for Apache web servers which functions as a web app layer firewall. It's used to stop attacks toward script-driven sites by employing security rules that contain particular expressions. In this way, the firewall can stop hacking and spamming attempts and shield even Internet sites that aren't updated frequently. As an example, multiple failed login attempts to a script administrative area or attempts to execute a certain file with the intention to get access to the script will trigger certain rules, so ModSecurity will block out these activities the moment it identifies them. The firewall is quite efficient since it monitors the entire HTTP traffic to an Internet site in real time without slowing it down, so it can stop an attack before any harm is done. It also maintains an incredibly comprehensive log of all attack attempts which contains more information than traditional Apache logs, so you can later analyze the data and take further measures to improve the security of your sites if necessary.
ModSecurity in Shared Website Hosting
We offer ModSecurity with all shared website hosting packages, so your Internet apps shall be shielded from destructive attacks. The firewall is switched on by default for all domains and subdomains, but in case you would like, you shall be able to stop it via the respective part of your Hepsia Control Panel. You can also switch on a detection mode, so ModSecurity will keep a log as intended, but will not take any action. The logs that you'll find inside Hepsia are extremely detailed and include data about the nature of any attack, when it transpired and from what IP address, the firewall rule which was triggered, and so on. We employ a group of commercial rules which are frequently updated, but sometimes our administrators add custom rules as well so as to efficiently protect the sites hosted on our servers.