ModSecurity is a plugin for Apache web servers that functions as a web application layer firewall. It is used to prevent attacks toward script-driven Internet sites by employing security rules which contain particular expressions. That way, the firewall can block hacking and spamming attempts and protect even sites that aren't updated frequently. For example, several unsuccessful login attempts to a script administrator area or attempts to execute a specific file with the purpose to get access to the script shall trigger particular rules, so ModSecurity will stop these activities the instant it detects them. The firewall is extremely efficient as it tracks the entire HTTP traffic to a website in real time without slowing it down, so it can prevent an attack before any damage is done. It additionally maintains a very thorough log of all attack attempts which features more information than standard Apache logs, so you can later analyze the data and take further measures to increase the security of your sites if necessary.
ModSecurity in Hosting
ModSecurity can be found with each hosting plan which we offer and it's activated by default for every domain or subdomain that you add through your Hepsia Control Panel. If it disrupts any of your programs or you would like to disable it for any reason, you will be able to achieve that through the ModSecurity section of Hepsia with just a mouse click. You may also use a passive mode, so the firewall will identify possible attacks and maintain a log, but shall not take any action. You could see detailed logs in the exact same section, including the IP where the attack originated from, what exactly the attacker attempted to do and at what time, what ModSecurity did, and so forth. For maximum security of our clients we use a group of commercial firewall rules blended with custom ones that are added by our system admins.