ModSecurity is a plugin for Apache web servers which acts as a web app layer firewall. It's used to stop attacks toward script-driven websites by using security rules that contain certain expressions. In this way, the firewall can block hacking and spamming attempts and shield even websites which aren't updated regularly. For example, multiple unsuccessful login attempts to a script administrative area or attempts to execute a particular file with the objective to get access to the script shall trigger certain rules, so ModSecurity will stop these activities the moment it discovers them. The firewall is quite efficient as it monitors the entire HTTP traffic to an Internet site in real time without slowing it down, so it can prevent an attack before any harm is done. It furthermore maintains a very comprehensive log of all attack attempts that features more information than traditional Apache logs, so you could later analyze the data and take additional measures to improve the security of your Internet sites if required.
ModSecurity in Cloud Hosting
We provide ModSecurity with all cloud hosting packages, so your Internet apps will be protected against destructive attacks. The firewall is turned on as standard for all domains and subdomains, but in case you'd like, you shall be able to stop it through the respective area of your Hepsia CP. You'll be able to also switch on a detection mode, so ModSecurity will keep a log as intended, but won't take any action. The logs which you shall find in Hepsia are incredibly detailed and include information about the nature of any attack, when it transpired and from what IP, the firewall rule which was triggered, etcetera. We employ a set of commercial rules which are constantly updated, but sometimes our administrators add custom rules as well in order to better protect the websites hosted on our servers.