ModSecurity is a plugin for Apache web servers that acts as a web application layer firewall. It is used to prevent attacks against script-driven Internet sites through the use of security rules which contain particular expressions. In this way, the firewall can block hacking and spamming attempts and protect even websites which are not updated regularly. For instance, a number of failed login attempts to a script admin area or attempts to execute a specific file with the objective to get access to the script will trigger specific rules, so ModSecurity shall block these activities the minute it discovers them. The firewall is quite efficient because it tracks the whole HTTP traffic to an Internet site in real time without slowing it down, so it can easily stop an attack before any damage is done. It furthermore keeps an incredibly thorough log of all attack attempts that contains more information than traditional Apache logs, so you could later check out the data and take extra measures to improve the security of your websites if needed.

ModSecurity in Shared Website Hosting

We offer ModSecurity with all shared website hosting solutions, so your web apps will be shielded from harmful attacks. The firewall is turned on by default for all domains and subdomains, but in case you'd like, you'll be able to stop it through the respective area of your Hepsia CP. You could also activate a detection mode, so ModSecurity shall keep a log as intended, but won't take any action. The logs that you'll find within Hepsia are extremely detailed and offer info about the nature of any attack, when it transpired and from what IP address, the firewall rule that was triggered, and so forth. We use a group of commercial rules that are often updated, but sometimes our administrators include custom rules as well so as to better protect the sites hosted on our machines.