ModSecurity is a plugin for Apache web servers that acts as a web application layer firewall. It's used to stop attacks against script-driven Internet sites by employing security rules that contain certain expressions. That way, the firewall can stop hacking and spamming attempts and shield even websites that aren't updated regularly. For example, a number of unsuccessful login attempts to a script administrator area or attempts to execute a specific file with the purpose to get access to the script will trigger certain rules, so ModSecurity will block out these activities the moment it detects them. The firewall is very efficient since it monitors the entire HTTP traffic to an Internet site in real time without slowing it down, so it could prevent an attack before any harm is done. It additionally maintains a very comprehensive log of all attack attempts which includes more information than conventional Apache logs, so you can later analyze the data and take additional measures to improve the security of your sites if required.
ModSecurity in Shared Website Hosting
ModSecurity comes by default with all shared website hosting solutions that we supply and it will be activated automatically for any domain or subdomain which you add/create inside your Hepsia hosting Control Panel. The firewall has 3 different modes, so you'll be able to activate and deactivate it with only a click or set it to detection mode, so it'll maintain a log of all attacks, but it'll not do anything to prevent them. The log for each of your Internet sites will feature elaborate info including the nature of the attack, where it originated from, what action was taken by ModSecurity, etc. The firewall rules which we use are constantly updated and comprise of both commercial ones which we get from a third-party security firm and custom ones our system administrators include in case that they detect a new sort of attacks. In this way, the Internet sites you host here will be far more protected without any action required on your end.