ModSecurity is a plugin for Apache web servers that functions as a web app layer firewall. It's used to stop attacks towards script-driven sites through the use of security rules which contain particular expressions. This way, the firewall can block hacking and spamming attempts and shield even websites that aren't updated regularly. As an example, several unsuccessful login attempts to a script administrative area or attempts to execute a specific file with the purpose to get access to the script shall trigger specific rules, so ModSecurity will block these activities the moment it detects them. The firewall is incredibly efficient because it screens the whole HTTP traffic to a website in real time without slowing it down, so it can easily stop an attack before any damage is done. It additionally keeps an exceptionally thorough log of all attack attempts that contains more info than conventional Apache logs, so you can later analyze the data and take extra measures to boost the security of your websites if necessary.
ModSecurity in Website Hosting
We provide ModSecurity with all website hosting plans, so your Internet applications shall be protected against malicious attacks. The firewall is switched on as standard for all domains and subdomains, but if you would like, you'll be able to stop it using the respective section of your Hepsia Control Panel. You could also switch on a detection mode, so ModSecurity shall keep a log as intended, but won't take any action. The logs which you will discover within Hepsia are incredibly detailed and offer information about the nature of any attack, when it took place and from what IP, the firewall rule that was triggered, etc. We employ a range of commercial rules that are often updated, but sometimes our admins add custom rules as well in order to better protect the websites hosted on our servers.