ModSecurity is a plugin for Apache web servers that acts as a web application layer firewall. It is used to stop attacks towards script-driven websites through the use of security rules which contain certain expressions. This way, the firewall can block hacking and spamming attempts and shield even Internet sites which aren't updated often. As an example, multiple unsuccessful login attempts to a script administrative area or attempts to execute a specific file with the purpose to get access to the script will trigger specific rules, so ModSecurity shall stop these activities the moment it identifies them. The firewall is extremely efficient because it monitors the whole HTTP traffic to a site in real time without slowing it down, so it can easily prevent an attack before any damage is done. It additionally maintains an exceptionally thorough log of all attack attempts that includes more info than standard Apache logs, so you can later examine the data and take extra measures to boost the security of your Internet sites if required.
ModSecurity in Shared Website Hosting
We offer ModSecurity with all shared website hosting solutions, so your web apps shall be resistant to harmful attacks. The firewall is activated as standard for all domains and subdomains, but in case you would like, you'll be able to stop it using the respective part of your Hepsia Control Panel. You can also activate a detection mode, so ModSecurity shall keep a log as intended, but will not take any action. The logs which you'll find in Hepsia are very detailed and offer data about the nature of any attack, when it took place and from what IP, the firewall rule which was triggered, and so on. We use a set of commercial rules which are often updated, but sometimes our administrators include custom rules as well so as to better protect the Internet sites hosted on our machines.