ModSecurity is a highly effective web application layer firewall for Apache web servers. It monitors the whole HTTP traffic to a site without affecting its performance and when it identifies an intrusion attempt, it blocks it. The firewall also maintains a more detailed log for the traffic than any server does, so you'll manage to keep track of what's happening with your Internet sites better than if you rely simply on standard logs. ModSecurity uses security rules based on which it stops attacks. For example, it identifies if anyone is attempting to log in to the administration area of a certain script several times or if a request is sent to execute a file with a particular command. In such instances these attempts trigger the corresponding rules and the firewall software hinders the attempts in real time, then records comprehensive information about them inside its logs. ModSecurity is one of the best software firewalls available and it can protect your web applications against many threats and vulnerabilities, especially if you don’t update them or their plugins frequently.
ModSecurity in Hosting
ModSecurity can be found with every single hosting plan that we offer and it's switched on by default for every domain or subdomain which you add through your Hepsia Control Panel. If it interferes with any of your applications or you'd like to disable it for any reason, you shall be able to achieve that through the ModSecurity area of Hepsia with just a mouse click. You may also activate a passive mode, so the firewall will detect possible attacks and keep a log, but will not take any action. You'll be able to view detailed logs in the same section, including the IP where the attack originated from, exactly what the attacker attempted to do and at what time, what ModSecurity did, etc. For max protection of our customers we use a collection of commercial firewall rules blended with custom ones that are provided by our system admins.