ModSecurity is a plugin for Apache web servers which functions as a web app layer firewall. It's employed to stop attacks towards script-driven sites through the use of security rules that contain particular expressions. That way, the firewall can stop hacking and spamming attempts and preserve even websites that are not updated frequently. For instance, numerous unsuccessful login attempts to a script administrative area or attempts to execute a particular file with the intention to get access to the script shall trigger particular rules, so ModSecurity will block these activities the second it detects them. The firewall is quite efficient because it monitors the entire HTTP traffic to an Internet site in real time without slowing it down, so it can easily stop an attack before any harm is done. It additionally keeps an incredibly thorough log of all attack attempts that contains more info than typical Apache logs, so you can later check out the data and take extra measures to improve the security of your sites if needed.
ModSecurity in Hosting
ModSecurity is offered with every single hosting package which we offer and it's activated by default for every domain or subdomain that you include via your Hepsia CP. In case it disrupts any of your applications or you'd like to disable it for some reason, you will be able to accomplish that through the ModSecurity section of Hepsia with just a click. You could also enable a passive mode, so the firewall will identify possible attacks and maintain a log, but will not take any action. You'll be able to view detailed logs in the exact same section, including the IP address where the attack originated from, what exactly the attacker tried to do and at what time, what ModSecurity did, etcetera. For maximum safety of our clients we use a collection of commercial firewall rules mixed with custom ones that are provided by our system admins.