ModSecurity is a plugin for Apache web servers that acts as a web application layer firewall. It is used to prevent attacks against script-driven websites by using security rules that contain particular expressions. That way, the firewall can block hacking and spamming attempts and protect even sites which are not updated on a regular basis. As an example, multiple unsuccessful login attempts to a script admin area or attempts to execute a certain file with the objective to get access to the script shall trigger specific rules, so ModSecurity will block out these activities the instant it identifies them. The firewall is extremely efficient because it screens the whole HTTP traffic to an Internet site in real time without slowing it down, so it could prevent an attack before any harm is done. It additionally maintains a very comprehensive log of all attack attempts which contains more info than standard Apache logs, so you can later analyze the data and take additional measures to enhance the security of your sites if necessary.
ModSecurity in Cloud Website Hosting
We provide ModSecurity with all cloud website hosting plans, so your Internet apps shall be shielded from malicious attacks. The firewall is activated as standard for all domains and subdomains, but in case you would like, you'll be able to stop it via the respective part of your Hepsia CP. You'll be able to also switch on a detection mode, so ModSecurity shall keep a log as intended, but will not take any action. The logs that you shall discover in Hepsia are very detailed and offer information about the nature of any attack, when it took place and from what IP, the firewall rule which was triggered, etc. We use a set of commercial rules which are constantly updated, but sometimes our administrators include custom rules as well so as to better protect the websites hosted on our servers.