ModSecurity is a plugin for Apache web servers that functions as a web application layer firewall. It's employed to prevent attacks against script-driven sites by using security rules that contain certain expressions. This way, the firewall can block hacking and spamming attempts and preserve even Internet sites that aren't updated regularly. For example, numerous failed login attempts to a script administrator area or attempts to execute a certain file with the purpose to get access to the script shall trigger particular rules, so ModSecurity shall stop these activities the moment it discovers them. The firewall is quite efficient since it monitors the entire HTTP traffic to an Internet site in real time without slowing it down, so it will be able to stop an attack before any harm is done. It also keeps a very thorough log of all attack attempts which contains more information than conventional Apache logs, so you can later analyze the data and take extra measures to increase the security of your sites if needed.
ModSecurity in Cloud Web Hosting
ModSecurity is available with every single cloud web hosting package which we provide and it is turned on by default for any domain or subdomain which you include via your Hepsia CP. In case it disrupts any of your apps or you would like to disable it for some reason, you'll be able to do this through the ModSecurity section of Hepsia with merely a click. You may also use a passive mode, so the firewall will recognize potential attacks and maintain a log, but shall not take any action. You can see detailed logs in the very same section, including the IP address where the attack came from, what exactly the attacker attempted to do and at what time, what ModSecurity did, and so forth. For maximum safety of our customers we use a set of commercial firewall rules mixed with custom ones that are included by our system administrators.