ModSecurity is a powerful web app layer firewall for Apache web servers. It monitors the entire HTTP traffic to a website without affecting its performance and if it identifies an intrusion attempt, it prevents it. The firewall additionally maintains a more comprehensive log for the site visitors than any web server does, so you will be able to monitor what's going on with your websites better than if you rely only on conventional logs. ModSecurity employs security rules based on which it helps prevent attacks. For example, it recognizes if somebody is attempting to log in to the administrator area of a certain script several times or if a request is sent to execute a file with a particular command. In such situations these attempts set off the corresponding rules and the firewall software blocks the attempts right away, then records in-depth details about them within its logs. ModSecurity is among the best software firewalls available and it can protect your web apps against thousands of threats and vulnerabilities, especially if you don’t update them or their plugins often.
ModSecurity in Shared Website Hosting
ModSecurity is offered with each and every shared website hosting package that we offer and it is switched on by default for every domain or subdomain that you add through your Hepsia Control Panel. In case it disrupts any of your applications or you would like to disable it for any reason, you shall be able to do this through the ModSecurity section of Hepsia with merely a click. You can also use a passive mode, so the firewall will discover possible attacks and maintain a log, but won't take any action. You could view detailed logs in the same section, including the IP address where the attack originated from, what exactly the attacker tried to do and at what time, what ModSecurity did, etcetera. For optimum security of our customers we use a collection of commercial firewall rules combined with custom ones that are added by our system admins.