ModSecurity is a plugin for Apache web servers which functions as a web application layer firewall. It's employed to stop attacks against script-driven websites by using security rules that contain certain expressions. That way, the firewall can prevent hacking and spamming attempts and protect even Internet sites that are not updated on a regular basis. As an example, multiple failed login attempts to a script administrative area or attempts to execute a certain file with the objective to get access to the script shall trigger certain rules, so ModSecurity shall block these activities the instant it identifies them. The firewall is quite efficient because it screens the entire HTTP traffic to a website in real time without slowing it down, so it will be able to stop an attack before any damage is done. It furthermore maintains a very thorough log of all attack attempts that features more info than standard Apache logs, so you could later check out the data and take additional measures to boost the security of your sites if necessary.
ModSecurity in Cloud Hosting
We offer ModSecurity with all cloud hosting packages, so your web apps will be shielded from harmful attacks. The firewall is switched on by default for all domains and subdomains, but in case you'd like, you'll be able to stop it via the respective part of your Hepsia Control Panel. You'll be able to also activate a detection mode, so ModSecurity shall keep a log as intended, but will not take any action. The logs which you shall find in Hepsia are quite detailed and include data about the nature of any attack, when it occurred and from what IP, the firewall rule that was triggered, etcetera. We use a range of commercial rules which are regularly updated, but sometimes our administrators include custom rules as well in order to efficiently protect the websites hosted on our servers.