ModSecurity is a plugin for Apache web servers which acts as a web app layer firewall. It is employed to prevent attacks toward script-driven sites through the use of security rules which contain certain expressions. In this way, the firewall can block hacking and spamming attempts and preserve even Internet sites which aren't updated on a regular basis. For example, multiple failed login attempts to a script administrator area or attempts to execute a specific file with the intention to get access to the script will trigger certain rules, so ModSecurity will block these activities the second it discovers them. The firewall is quite efficient since it monitors the whole HTTP traffic to a website in real time without slowing it down, so it can easily prevent an attack before any damage is done. It additionally keeps a very thorough log of all attack attempts which features more info than traditional Apache logs, so you can later analyze the data and take additional measures to boost the security of your Internet sites if needed.
ModSecurity in Cloud Hosting
ModSecurity is offered with each cloud hosting plan which we offer and it is switched on by default for any domain or subdomain that you add via your Hepsia Control Panel. In the event that it interferes with any of your programs or you'd like to disable it for whatever reason, you'll be able to accomplish that through the ModSecurity area of Hepsia with simply a mouse click. You could also activate a passive mode, so the firewall will detect possible attacks and maintain a log, but shall not take any action. You can see extensive logs in the very same section, including the IP address where the attack originated from, what precisely the attacker tried to do and at what time, what ModSecurity did, and so on. For optimum protection of our customers we use a collection of commercial firewall rules combined with custom ones which are provided by our system admins.