ModSecurity is a powerful web application layer firewall for Apache web servers. It monitors the whole HTTP traffic to a site without affecting its overall performance and when it detects an intrusion attempt, it blocks it. The firewall furthermore maintains a more comprehensive log for the traffic than any web server does, so you will manage to keep track of what's going on with your sites better than if you rely simply on conventional logs. ModSecurity works with security rules based on which it prevents attacks. For instance, it detects whether anyone is trying to log in to the administrator area of a specific script several times or if a request is sent to execute a file with a particular command. In these cases these attempts set off the corresponding rules and the firewall blocks the attempts instantly, after that records detailed information about them inside its logs. ModSecurity is one of the best software firewalls out there and it can protect your web apps against a huge number of threats and vulnerabilities, particularly if you don’t update them or their plugins often.
ModSecurity in Shared Hosting
ModSecurity comes standard with all shared hosting packages that we offer and it will be turned on automatically for any domain or subdomain which you add/create within your Hepsia hosting CP. The firewall has 3 different modes, so you can activate and deactivate it with a click or set it to detection mode, so it'll maintain a log of all attacks, but it shall not do anything to prevent them. The log for each of your Internet sites shall include in-depth information such as the nature of the attack, where it originated from, what action was taken by ModSecurity, and so forth. The firewall rules that we use are frequently updated and comprise of both commercial ones that we get from a third-party security business and custom ones our system administrators include in the event that they detect a new kind of attacks. In this way, the Internet sites which you host here shall be a lot more protected with no action needed on your end.