ModSecurity
Find out what ModSecurity is really, the way it works and precisely what it does to guard your web sites and applications.
ModSecurity is a potent web application layer firewall for Apache web servers. It monitors the entire HTTP traffic to a site without affecting its operation and in case it detects an intrusion attempt, it blocks it. The firewall also maintains a more thorough log for the site visitors than any server does, so you will manage to monitor what is going on with your Internet sites better than if you rely simply on standard logs. ModSecurity employs security rules based on which it stops attacks. For instance, it identifies if somebody is attempting to log in to the administration area of a given script several times or if a request is sent to execute a file with a particular command. In these situations these attempts trigger the corresponding rules and the software hinders the attempts right away, then records detailed info about them inside its logs. ModSecurity is one of the most effective software firewalls on the market and it could easily protect your web apps against a large number of threats and vulnerabilities, especially if you don’t update them or their plugins regularly.
ModSecurity in Website Hosting
ModSecurity comes by default with all website hosting plans that we offer and it shall be activated automatically for any domain or subdomain that you add/create in your Hepsia hosting CP. The firewall has 3 different modes, so you could switch on and deactivate it with just a click or set it to detection mode, so it shall maintain a log of all attacks, but it shall not do anything to stop them. The log for each of your Internet sites will include elaborate information including the nature of the attack, where it came from, what action was taken by ModSecurity, etc. The firewall rules we use are constantly updated and include both commercial ones which we get from a third-party security firm and custom ones which our system administrators include in case that they detect a new sort of attacks. In this way, the sites that you host here will be much more secure with no action expected on your end.