ModSecurity is a potent web application layer firewall for Apache web servers. It monitors the entire HTTP traffic to a website without affecting its performance and when it discovers an intrusion attempt, it blocks it. The firewall furthermore maintains a more comprehensive log for the site visitors than any server does, so you will be able to keep track of what's going on with your Internet sites better than if you rely simply on standard logs. ModSecurity employs security rules based on which it stops attacks. For instance, it identifies whether someone is trying to log in to the administrator area of a certain script several times or if a request is sent to execute a file with a specific command. In such situations these attempts trigger the corresponding rules and the firewall software blocks the attempts immediately, then records in-depth details about them in its logs. ModSecurity is one of the most effective software firewalls on the market and it could easily protect your web apps against thousands of threats and vulnerabilities, particularly in case you don’t update them or their plugins frequently.
ModSecurity in Cloud Web Hosting
ModSecurity comes standard with all cloud web hosting packages which we supply and it will be switched on automatically for any domain or subdomain that you add/create inside your Hepsia hosting Control Panel. The firewall has three different modes, so you'll be able to activate and deactivate it with simply a mouse click or set it to detection mode, so it shall maintain a log of all attacks, but it will not do anything to prevent them. The log for each of your sites shall feature detailed info including the nature of the attack, where it came from, what action was taken by ModSecurity, etcetera. The firewall rules we use are regularly updated and include both commercial ones that we get from a third-party security company and custom ones that our system administrators add in case that they detect a new kind of attacks. That way, the sites which you host here will be much more secure without any action expected on your end.