ModSecurity is a powerful web app layer firewall for Apache web servers. It monitors the entire HTTP traffic to a website without affecting its operation and when it detects an intrusion attempt, it blocks it. The firewall also maintains a more comprehensive log for the website visitors than any server does, so you shall manage to keep an eye on what's happening with your Internet sites a lot better than if you rely merely on conventional logs. ModSecurity uses security rules based on which it helps prevent attacks. For example, it detects whether somebody is trying to log in to the administration area of a particular script several times or if a request is sent to execute a file with a certain command. In such instances these attempts trigger the corresponding rules and the firewall software blocks the attempts right away, after that records detailed info about them in its logs. ModSecurity is one of the best software firewalls available and it could easily protect your web apps against a large number of threats and vulnerabilities, especially in case you don’t update them or their plugins frequently.
ModSecurity in Shared Hosting
We offer ModSecurity with all shared hosting solutions, so your web applications shall be resistant to harmful attacks. The firewall is turned on as standard for all domains and subdomains, but if you would like, you will be able to stop it using the respective section of your Hepsia CP. You'll be able to also switch on a detection mode, so ModSecurity will keep a log as intended, but won't take any action. The logs that you shall discover inside Hepsia are extremely detailed and offer information about the nature of any attack, when it occurred and from what IP address, the firewall rule which was triggered, etc. We use a range of commercial rules which are frequently updated, but sometimes our admins include custom rules as well so as to better protect the websites hosted on our machines.