ModSecurity is a plugin for Apache web servers that functions as a web app layer firewall. It's used to prevent attacks towards script-driven websites by using security rules which contain particular expressions. In this way, the firewall can block hacking and spamming attempts and shield even websites that are not updated frequently. For instance, several unsuccessful login attempts to a script administrative area or attempts to execute a particular file with the purpose to get access to the script will trigger particular rules, so ModSecurity will block out these activities the moment it detects them. The firewall is incredibly efficient as it screens the whole HTTP traffic to a site in real time without slowing it down, so it could prevent an attack before any harm is done. It additionally maintains a very comprehensive log of all attack attempts that includes more information than typical Apache logs, so you can later analyze the data and take further measures to boost the security of your sites if required.
ModSecurity in Hosting
ModSecurity is available with each hosting solution that we offer and it is switched on by default for any domain or subdomain which you include via your Hepsia Control Panel. If it interferes with any of your programs or you'd like to disable it for any reason, you shall be able to achieve that through the ModSecurity section of Hepsia with just a click. You could also activate a passive mode, so the firewall will identify possible attacks and keep a log, but will not take any action. You could view comprehensive logs in the same section, including the IP where the attack came from, what exactly the attacker aimed to do and at what time, what ModSecurity did, etcetera. For maximum security of our clients we use a group of commercial firewall rules mixed with custom ones which are provided by our system admins.