ModSecurity is a plugin for Apache web servers that functions as a web application layer firewall. It's employed to prevent attacks against script-driven websites through the use of security rules which contain specific expressions. This way, the firewall can prevent hacking and spamming attempts and protect even websites which are not updated often. For instance, several failed login attempts to a script administrative area or attempts to execute a specific file with the objective to get access to the script shall trigger specific rules, so ModSecurity shall stop these activities the minute it detects them. The firewall is quite efficient as it monitors the whole HTTP traffic to an Internet site in real time without slowing it down, so it could prevent an attack before any harm is done. It furthermore maintains a very comprehensive log of all attack attempts which contains more info than standard Apache logs, so you could later examine the data and take additional measures to improve the security of your Internet sites if needed.
ModSecurity in Shared Web Hosting
ModSecurity is available with every single shared web hosting package which we provide and it is activated by default for every domain or subdomain that you include through your Hepsia CP. In the event that it interferes with any of your applications or you would like to disable it for any reason, you will be able to achieve that through the ModSecurity section of Hepsia with simply a mouse click. You may also enable a passive mode, so the firewall will recognize possible attacks and keep a log, but won't take any action. You could see detailed logs in the same section, including the IP address where the attack came from, what exactly the attacker attempted to do and at what time, what ModSecurity did, etc. For optimum security of our customers we use a group of commercial firewall rules blended with custom ones which are included by our system administrators.