ModSecurity is a plugin for Apache web servers that functions as a web app layer firewall. It is employed to stop attacks towards script-driven websites by using security rules which contain specific expressions. That way, the firewall can stop hacking and spamming attempts and protect even sites which are not updated often. For example, several unsuccessful login attempts to a script administrative area or attempts to execute a certain file with the intention to get access to the script will trigger particular rules, so ModSecurity shall block these activities the moment it identifies them. The firewall is very efficient as it screens the whole HTTP traffic to a website in real time without slowing it down, so it can stop an attack before any damage is done. It furthermore maintains an incredibly detailed log of all attack attempts that includes more info than conventional Apache logs, so you could later analyze the data and take further measures to boost the security of your sites if necessary.
ModSecurity in Shared Hosting
We offer ModSecurity with all shared hosting plans, so your web apps will be protected against harmful attacks. The firewall is activated as standard for all domains and subdomains, but in case you'd like, you will be able to stop it using the respective part of your Hepsia CP. You could also activate a detection mode, so ModSecurity will keep a log as intended, but shall not take any action. The logs that you will discover inside Hepsia are extremely detailed and offer information about the nature of any attack, when it happened and from what IP, the firewall rule that was triggered, etc. We use a set of commercial rules that are constantly updated, but sometimes our admins add custom rules as well in order to efficiently protect the sites hosted on our machines.