ModSecurity is a plugin for Apache web servers which functions as a web app layer firewall. It's used to prevent attacks against script-driven websites by using security rules that contain certain expressions. This way, the firewall can prevent hacking and spamming attempts and protect even websites that aren't updated on a regular basis. For instance, several unsuccessful login attempts to a script administrator area or attempts to execute a certain file with the intention to get access to the script shall trigger specific rules, so ModSecurity will stop these activities the second it identifies them. The firewall is very efficient because it screens the entire HTTP traffic to a website in real time without slowing it down, so it will be able to prevent an attack before any harm is done. It furthermore maintains an exceptionally comprehensive log of all attack attempts that includes more information than typical Apache logs, so you could later analyze the data and take additional measures to improve the security of your Internet sites if needed.
ModSecurity in Shared Hosting
We provide ModSecurity with all shared hosting solutions, so your web apps shall be shielded from destructive attacks. The firewall is turned on as standard for all domains and subdomains, but in case you would like, you shall be able to stop it using the respective section of your Hepsia CP. You could also switch on a detection mode, so ModSecurity shall keep a log as intended, but shall not take any action. The logs that you will find in Hepsia are quite detailed and feature info about the nature of any attack, when it happened and from what IP address, the firewall rule which was triggered, etc. We use a range of commercial rules which are constantly updated, but sometimes our administrators include custom rules as well so as to efficiently protect the websites hosted on our servers.