ModSecurity is a plugin for Apache web servers that functions as a web application layer firewall. It is employed to stop attacks against script-driven sites by employing security rules that contain specific expressions. This way, the firewall can stop hacking and spamming attempts and shield even sites which aren't updated regularly. For example, multiple failed login attempts to a script administrator area or attempts to execute a certain file with the purpose to get access to the script shall trigger specific rules, so ModSecurity will stop these activities the moment it identifies them. The firewall is quite efficient since it tracks the entire HTTP traffic to a website in real time without slowing it down, so it could prevent an attack before any damage is done. It additionally maintains a very detailed log of all attack attempts that contains more information than typical Apache logs, so you could later analyze the data and take additional measures to increase the security of your Internet sites if necessary.
ModSecurity in Web Hosting
ModSecurity can be found with each and every web hosting solution that we offer and it is turned on by default for every domain or subdomain which you add via your Hepsia Control Panel. In the event that it interferes with any of your programs or you'd like to disable it for any reason, you'll be able to do this through the ModSecurity section of Hepsia with merely a mouse click. You could also enable a passive mode, so the firewall will identify potential attacks and maintain a log, but won't take any action. You can view comprehensive logs in the same section, including the IP address where the attack came from, what exactly the attacker attempted to do and at what time, what ModSecurity did, and so on. For optimum protection of our clients we use a collection of commercial firewall rules blended with custom ones which are provided by our system admins.