ModSecurity is a plugin for Apache web servers that acts as a web application layer firewall. It is employed to stop attacks toward script-driven sites by using security rules that contain certain expressions. This way, the firewall can prevent hacking and spamming attempts and protect even websites which aren't updated frequently. For example, numerous failed login attempts to a script administrator area or attempts to execute a particular file with the purpose to get access to the script will trigger particular rules, so ModSecurity shall block these activities the second it discovers them. The firewall is incredibly efficient because it screens the entire HTTP traffic to a site in real time without slowing it down, so it can prevent an attack before any damage is done. It also maintains an incredibly thorough log of all attack attempts which includes more information than conventional Apache logs, so you could later analyze the data and take extra measures to improve the security of your sites if necessary.
ModSecurity in Cloud Website Hosting
ModSecurity is offered with every cloud website hosting package which we provide and it is turned on by default for any domain or subdomain which you include through your Hepsia CP. In case it interferes with any of your apps or you'd like to disable it for whatever reason, you'll be able to accomplish that through the ModSecurity area of Hepsia with just a click. You can also enable a passive mode, so the firewall will discover potential attacks and keep a log, but shall not take any action. You'll be able to see detailed logs in the exact same section, including the IP address where the attack came from, exactly what the attacker aimed to do and at what time, what ModSecurity did, and so forth. For optimum safety of our clients we use a collection of commercial firewall rules combined with custom ones that are provided by our system administrators.