ModSecurity is a plugin for Apache web servers that functions as a web app layer firewall. It is used to prevent attacks toward script-driven sites by employing security rules that contain certain expressions. This way, the firewall can block hacking and spamming attempts and protect even Internet sites that are not updated regularly. For instance, multiple failed login attempts to a script administrative area or attempts to execute a certain file with the objective to get access to the script shall trigger certain rules, so ModSecurity shall block these activities the moment it discovers them. The firewall is extremely efficient because it tracks the whole HTTP traffic to an Internet site in real time without slowing it down, so it will be able to prevent an attack before any harm is done. It furthermore maintains an incredibly comprehensive log of all attack attempts which features more information than conventional Apache logs, so you could later analyze the data and take further measures to improve the security of your sites if required.

ModSecurity in Cloud Website Hosting

We provide ModSecurity with all cloud website hosting plans, so your web apps shall be shielded from destructive attacks. The firewall is turned on as standard for all domains and subdomains, but in case you would like, you will be able to stop it via the respective part of your Hepsia CP. You can also activate a detection mode, so ModSecurity shall keep a log as intended, but won't take any action. The logs that you shall discover within Hepsia are incredibly detailed and feature information about the nature of any attack, when it transpired and from what IP address, the firewall rule which was triggered, etc. We employ a set of commercial rules that are often updated, but sometimes our administrators add custom rules as well so as to efficiently protect the websites hosted on our machines.