ModSecurity is a powerful web application layer firewall for Apache web servers. It monitors the whole HTTP traffic to a website without affecting its overall performance and when it detects an intrusion attempt, it blocks it. The firewall furthermore keeps a more thorough log for the website visitors than any server does, so you'll be able to keep track of what is happening with your Internet sites better than if you rely only on conventional logs. ModSecurity employs security rules based on which it helps prevent attacks. For example, it identifies if someone is attempting to log in to the administration area of a particular script several times or if a request is sent to execute a file with a particular command. In these circumstances these attempts set off the corresponding rules and the firewall software blocks the attempts in real time, and then records detailed info about them within its logs. ModSecurity is among the very best software firewalls out there and it could easily protect your web applications against many threats and vulnerabilities, particularly in case you don’t update them or their plugins often.
ModSecurity in Website Hosting
ModSecurity comes standard with all website hosting solutions that we provide and it will be switched on automatically for any domain or subdomain you add/create inside your Hepsia hosting CP. The firewall has three different modes, so you can switch on and deactivate it with only a mouse click or set it to detection mode, so it shall maintain a log of all attacks, but it shall not do anything to stop them. The log for any of your sites shall contain comprehensive info such as the nature of the attack, where it came from, what action was taken by ModSecurity, etcetera. The firewall rules that we use are constantly updated and consist of both commercial ones we get from a third-party security business and custom ones which our system admins include in case that they detect a new type of attacks. That way, the sites you host here shall be a lot more protected without any action required on your end.