ModSecurity is an efficient firewall for Apache web servers that's employed to prevent attacks against web apps. It monitors the HTTP traffic to a given website in real time and blocks any intrusion attempts as soon as it detects them. The firewall relies on a set of rules to do that - as an illustration, attempting to log in to a script administrator area without success many times activates one rule, sending a request to execute a certain file which could result in accessing the website triggers a different rule, and so forth. ModSecurity is amongst the best firewalls on the market and it will secure even scripts that aren't updated regularly as it can prevent attackers from employing known exploits and security holes. Quite comprehensive info about every intrusion attempt is recorded and the logs the firewall maintains are much more comprehensive than the regular logs created by the Apache server, so you may later analyze them and determine if you need to take extra measures in order to improve the protection of your script-driven Internet sites.
ModSecurity in Shared Hosting
We provide ModSecurity with all shared hosting packages, so your web applications shall be resistant to harmful attacks. The firewall is switched on as standard for all domains and subdomains, but if you would like, you shall be able to stop it using the respective section of your Hepsia CP. You could also activate a detection mode, so ModSecurity shall keep a log as intended, but will not take any action. The logs which you will find inside Hepsia are quite detailed and include info about the nature of any attack, when it occurred and from what IP address, the firewall rule that was triggered, and so on. We use a set of commercial rules that are regularly updated, but sometimes our admins add custom rules as well in order to efficiently protect the websites hosted on our servers.