ModSecurity
Find out what ModSecurity is, how it functions and just what it does to protect your sites and apps.
ModSecurity is a highly effective web app layer firewall for Apache web servers. It monitors the entire HTTP traffic to a website without affecting its performance and when it detects an intrusion attempt, it prevents it. The firewall also keeps a more comprehensive log for the site visitors than any server does, so you will manage to monitor what is happening with your Internet sites much better than if you rely simply on conventional logs. ModSecurity employs security rules based on which it prevents attacks. For example, it recognizes if somebody is trying to log in to the admin area of a specific script multiple times or if a request is sent to execute a file with a certain command. In such instances these attempts set off the corresponding rules and the software hinders the attempts in real time, and then records in-depth info about them inside its logs. ModSecurity is among the most effective software firewalls on the market and it can easily protect your web applications against many threats and vulnerabilities, especially if you don’t update them or their plugins often.
ModSecurity in Website Hosting
ModSecurity comes by default with all website hosting solutions that we offer and it shall be switched on automatically for any domain or subdomain you add/create within your Hepsia hosting Control Panel. The firewall has three different modes, so you could switch on and deactivate it with simply a click or set it to detection mode, so it'll maintain a log of all attacks, but it will not do anything to stop them. The log for each of your Internet sites will feature detailed information such as the nature of the attack, where it came from, what action was taken by ModSecurity, and so forth. The firewall rules which we use are regularly updated and consist of both commercial ones which we get from a third-party security company and custom ones our system administrators add in case that they detect a new type of attacks. This way, the sites which you host here will be far more protected without any action expected on your end.