ModSecurity is a plugin for Apache web servers which acts as a web application layer firewall. It's employed to prevent attacks towards script-driven sites through the use of security rules that contain specific expressions. In this way, the firewall can stop hacking and spamming attempts and shield even websites that aren't updated on a regular basis. For instance, numerous failed login attempts to a script admin area or attempts to execute a certain file with the purpose to get access to the script will trigger specific rules, so ModSecurity shall block these activities the minute it discovers them. The firewall is extremely efficient as it tracks the whole HTTP traffic to a site in real time without slowing it down, so it can easily prevent an attack before any harm is done. It furthermore keeps a very comprehensive log of all attack attempts that contains more information than standard Apache logs, so you can later check out the data and take further measures to enhance the security of your sites if necessary.
ModSecurity in Cloud Hosting
ModSecurity is available with every cloud hosting solution that we provide and it is turned on by default for any domain or subdomain which you add via your Hepsia Control Panel. In case it interferes with any of your programs or you would like to disable it for any reason, you shall be able to do this through the ModSecurity section of Hepsia with simply a mouse click. You can also use a passive mode, so the firewall will discover potential attacks and maintain a log, but will not take any action. You'll be able to view comprehensive logs in the same section, including the IP address where the attack originated from, what precisely the attacker attempted to do and at what time, what ModSecurity did, and so forth. For max safety of our customers we use a group of commercial firewall rules mixed with custom ones which are included by our system administrators.