ModSecurity is a plugin for Apache web servers that functions as a web application layer firewall. It's used to prevent attacks against script-driven websites through the use of security rules that contain particular expressions. In this way, the firewall can block hacking and spamming attempts and preserve even sites which aren't updated frequently. For instance, several failed login attempts to a script administrator area or attempts to execute a specific file with the purpose to get access to the script shall trigger certain rules, so ModSecurity will block these activities the second it detects them. The firewall is very efficient as it tracks the whole HTTP traffic to a site in real time without slowing it down, so it can easily prevent an attack before any damage is done. It additionally keeps an incredibly thorough log of all attack attempts which includes more info than traditional Apache logs, so you could later check out the data and take extra measures to boost the security of your sites if necessary.
ModSecurity in Cloud Web Hosting
We offer ModSecurity with all cloud web hosting plans, so your web applications will be shielded from destructive attacks. The firewall is switched on as standard for all domains and subdomains, but if you'd like, you'll be able to stop it via the respective section of your Hepsia CP. You can also switch on a detection mode, so ModSecurity will keep a log as intended, but will not take any action. The logs that you shall find inside Hepsia are quite detailed and feature information about the nature of any attack, when it took place and from what IP, the firewall rule that was triggered, etcetera. We employ a group of commercial rules which are regularly updated, but sometimes our administrators include custom rules as well so as to efficiently protect the Internet sites hosted on our machines.