ModSecurity is a potent web application layer firewall for Apache web servers. It monitors the entire HTTP traffic to a website without affecting its functionality and if it identifies an intrusion attempt, it blocks it. The firewall furthermore keeps a more comprehensive log for the website visitors than any web server does, so you shall manage to keep an eye on what is going on with your sites better than if you rely simply on conventional logs. ModSecurity uses security rules based on which it helps prevent attacks. For example, it detects whether someone is attempting to log in to the administrator area of a given script a number of times or if a request is sent to execute a file with a specific command. In such cases these attempts trigger the corresponding rules and the firewall blocks the attempts right away, after that records in-depth information about them within its logs. ModSecurity is one of the best software firewalls on the market and it can protect your web applications against thousands of threats and vulnerabilities, especially in case you don’t update them or their plugins regularly.
ModSecurity in Shared Website Hosting
ModSecurity is offered with every shared website hosting solution that we offer and it's activated by default for every domain or subdomain which you add through your Hepsia CP. In the event that it interferes with any of your applications or you'd like to disable it for whatever reason, you shall be able to do that through the ModSecurity area of Hepsia with simply a mouse click. You may also enable a passive mode, so the firewall will discover potential attacks and keep a log, but shall not take any action. You could see extensive logs in the exact same section, including the IP address where the attack came from, what exactly the attacker aimed to do and at what time, what ModSecurity did, etcetera. For maximum safety of our clients we use a collection of commercial firewall rules blended with custom ones which are included by our system administrators.