ModSecurity is a plugin for Apache web servers which functions as a web app layer firewall. It's employed to prevent attacks towards script-driven sites by using security rules that contain certain expressions. This way, the firewall can prevent hacking and spamming attempts and shield even websites that are not updated regularly. As an example, numerous unsuccessful login attempts to a script administrative area or attempts to execute a certain file with the purpose to get access to the script will trigger certain rules, so ModSecurity will stop these activities the moment it discovers them. The firewall is incredibly efficient because it monitors the whole HTTP traffic to an Internet site in real time without slowing it down, so it can easily prevent an attack before any harm is done. It also maintains an exceptionally detailed log of all attack attempts which contains more info than conventional Apache logs, so you could later analyze the data and take further measures to boost the security of your sites if needed.

ModSecurity in Cloud Hosting

We provide ModSecurity with all cloud hosting solutions, so your web applications will be shielded from destructive attacks. The firewall is switched on by default for all domains and subdomains, but in case you'd like, you will be able to stop it via the respective part of your Hepsia Control Panel. You'll be able to also activate a detection mode, so ModSecurity will keep a log as intended, but won't take any action. The logs which you shall discover in Hepsia are very detailed and offer info about the nature of any attack, when it took place and from what IP, the firewall rule which was triggered, etcetera. We use a group of commercial rules which are often updated, but sometimes our admins include custom rules as well so as to better protect the websites hosted on our machines.