ModSecurity is a plugin for Apache web servers that functions as a web app layer firewall. It is employed to stop attacks against script-driven sites by using security rules that contain certain expressions. In this way, the firewall can stop hacking and spamming attempts and preserve even sites that are not updated frequently. For instance, a number of failed login attempts to a script administrator area or attempts to execute a specific file with the intention to get access to the script will trigger particular rules, so ModSecurity will block these activities the second it detects them. The firewall is incredibly efficient as it screens the entire HTTP traffic to an Internet site in real time without slowing it down, so it will be able to stop an attack before any harm is done. It additionally maintains a very thorough log of all attack attempts that includes more information than standard Apache logs, so you could later examine the data and take additional measures to boost the security of your Internet sites if necessary.
ModSecurity in Cloud Hosting
ModSecurity is available with each and every cloud hosting package which we provide and it is activated by default for any domain or subdomain that you include via your Hepsia Control Panel. In case it interferes with any of your programs or you would like to disable it for any reason, you shall be able to do that through the ModSecurity section of Hepsia with merely a click. You may also use a passive mode, so the firewall will detect possible attacks and keep a log, but won't take any action. You'll be able to view extensive logs in the very same section, including the IP address where the attack originated from, what exactly the attacker tried to do and at what time, what ModSecurity did, etc. For optimum protection of our customers we use a group of commercial firewall rules blended with custom ones which are added by our system administrators.