Find out what ModSecurity is, how it functions and what exactly it does to protect your sites and apps.
ModSecurity is an efficient firewall for Apache web servers that's used to stop attacks toward web applications. It monitors the HTTP traffic to a certain Internet site in real time and prevents any intrusion attempts as soon as it discovers them. The firewall uses a set of rules to do that - as an illustration, attempting to log in to a script administrator area unsuccessfully a few times triggers one rule, sending a request to execute a specific file that could result in gaining access to the site triggers a different rule, and so forth. ModSecurity is amongst the best firewalls out there and it will protect even scripts which are not updated regularly since it can prevent attackers from employing known exploits and security holes. Quite thorough information about each intrusion attempt is recorded and the logs the firewall maintains are far more comprehensive than the standard logs provided by the Apache server, so you can later take a look at them and decide whether you need to take more measures so as to improve the protection of your script-driven websites.
ModSecurity in Shared Hosting
ModSecurity can be found with every single shared hosting package that we provide and it's activated by default for any domain or subdomain that you add via your Hepsia Control Panel. If it interferes with any of your applications or you would like to disable it for any reason, you shall be able to do that through the ModSecurity section of Hepsia with only a mouse click. You could also activate a passive mode, so the firewall will detect potential attacks and keep a log, but will not take any action. You'll be able to view comprehensive logs in the exact same section, including the IP where the attack came from, what exactly the attacker attempted to do and at what time, what ModSecurity did, and so on. For max protection of our customers we use a collection of commercial firewall rules combined with custom ones which are provided by our system admins.