ModSecurity is a plugin for Apache web servers that functions as a web application layer firewall. It is used to prevent attacks against script-driven sites through the use of security rules which contain particular expressions. This way, the firewall can prevent hacking and spamming attempts and shield even websites which aren't updated regularly. For example, numerous unsuccessful login attempts to a script administrative area or attempts to execute a specific file with the objective to get access to the script will trigger particular rules, so ModSecurity shall block these activities the moment it identifies them. The firewall is extremely efficient because it monitors the entire HTTP traffic to a site in real time without slowing it down, so it will be able to stop an attack before any harm is done. It furthermore keeps an exceptionally comprehensive log of all attack attempts that includes more information than typical Apache logs, so you can later analyze the data and take further measures to increase the security of your websites if required.
ModSecurity in Shared Website Hosting
ModSecurity is offered with each shared website hosting plan which we offer and it's activated by default for every domain or subdomain which you include via your Hepsia CP. In the event that it disrupts any of your programs or you'd like to disable it for whatever reason, you shall be able to accomplish that through the ModSecurity area of Hepsia with simply a click. You can also use a passive mode, so the firewall will detect potential attacks and maintain a log, but won't take any action. You could view detailed logs in the same section, including the IP where the attack came from, what exactly the attacker aimed to do and at what time, what ModSecurity did, and so forth. For max protection of our clients we use a set of commercial firewall rules mixed with custom ones which are included by our system administrators.