ModSecurity is a plugin for Apache web servers that acts as a web application layer firewall. It's employed to prevent attacks towards script-driven Internet sites through the use of security rules that contain particular expressions. This way, the firewall can stop hacking and spamming attempts and protect even sites which are not updated often. As an example, numerous failed login attempts to a script administrator area or attempts to execute a certain file with the objective to get access to the script shall trigger certain rules, so ModSecurity shall block out these activities the second it discovers them. The firewall is very efficient as it monitors the whole HTTP traffic to a website in real time without slowing it down, so it can easily prevent an attack before any damage is done. It furthermore keeps an exceptionally thorough log of all attack attempts which contains more information than standard Apache logs, so you could later examine the data and take additional measures to enhance the security of your websites if needed.
ModSecurity in Cloud Hosting
ModSecurity comes standard with all cloud hosting plans that we offer and it will be turned on automatically for any domain or subdomain you add/create inside your Hepsia hosting CP. The firewall has three different modes, so you'll be able to switch on and deactivate it with a mouse click or set it to detection mode, so it shall keep a log of all attacks, but it shall not do anything to prevent them. The log for each of your websites will contain elaborate information such as the nature of the attack, where it originated from, what action was taken by ModSecurity, etc. The firewall rules which we use are regularly updated and incorporate both commercial ones which we get from a third-party security business and custom ones which our system admins add in case that they detect a new kind of attacks. In this way, the websites which you host here will be way more protected with no action needed on your end.