ModSecurity is a plugin for Apache web servers that functions as a web application layer firewall. It is employed to prevent attacks toward script-driven websites by employing security rules which contain particular expressions. That way, the firewall can block hacking and spamming attempts and shield even Internet sites that aren't updated on a regular basis. For instance, numerous unsuccessful login attempts to a script administrative area or attempts to execute a particular file with the intention to get access to the script shall trigger specific rules, so ModSecurity shall block out these activities the minute it discovers them. The firewall is quite efficient as it monitors the whole HTTP traffic to a site in real time without slowing it down, so it could stop an attack before any harm is done. It furthermore maintains an exceptionally detailed log of all attack attempts that includes more information than standard Apache logs, so you can later examine the data and take extra measures to boost the security of your sites if needed.
ModSecurity in Shared Website Hosting
ModSecurity comes by default with all shared website hosting plans that we supply and it shall be activated automatically for any domain or subdomain which you add/create within your Hepsia hosting CP. The firewall has three different modes, so you could switch on and disable it with simply a click or set it to detection mode, so it shall keep a log of all attacks, but it will not do anything to stop them. The log for any of your sites shall feature elaborate information including the nature of the attack, where it came from, what action was taken by ModSecurity, etcetera. The firewall rules that we use are frequently updated and incorporate both commercial ones which we get from a third-party security firm and custom ones which our system admins include in case that they detect a new kind of attacks. In this way, the sites which you host here will be a lot more protected with no action required on your end.