ModSecurity is a highly effective firewall for Apache web servers that is used to prevent attacks against web apps. It tracks the HTTP traffic to a given website in real time and stops any intrusion attempts as soon as it detects them. The firewall relies on a set of rules to do this - for instance, trying to log in to a script administration area without success several times activates one rule, sending a request to execute a certain file which could result in accessing the website triggers a different rule, etc. ModSecurity is one of the best firewalls around and it will secure even scripts that are not updated frequently because it can prevent attackers from employing known exploits and security holes. Quite thorough information about each and every intrusion attempt is recorded and the logs the firewall keeps are far more comprehensive than the conventional logs generated by the Apache server, so you could later analyze them and determine if you need to take additional measures in order to boost the safety of your script-driven websites.
ModSecurity in Shared Website Hosting
We offer ModSecurity with all shared website hosting plans, so your Internet apps will be protected against malicious attacks. The firewall is activated as standard for all domains and subdomains, but if you'd like, you will be able to stop it via the respective section of your Hepsia CP. You'll be able to also activate a detection mode, so ModSecurity shall keep a log as intended, but will not take any action. The logs which you shall find in Hepsia are extremely detailed and feature data about the nature of any attack, when it transpired and from what IP address, the firewall rule which was triggered, etcetera. We use a set of commercial rules which are regularly updated, but sometimes our admins include custom rules as well so as to efficiently protect the Internet sites hosted on our servers.