ModSecurity is a plugin for Apache web servers that functions as a web application layer firewall. It's employed to prevent attacks toward script-driven sites through the use of security rules that contain specific expressions. This way, the firewall can block hacking and spamming attempts and protect even websites which aren't updated on a regular basis. For instance, multiple failed login attempts to a script administrative area or attempts to execute a particular file with the purpose to get access to the script will trigger specific rules, so ModSecurity will stop these activities the second it detects them. The firewall is extremely efficient because it screens the entire HTTP traffic to a site in real time without slowing it down, so it can prevent an attack before any damage is done. It furthermore maintains a very comprehensive log of all attack attempts which contains more info than standard Apache logs, so you could later analyze the data and take extra measures to increase the security of your Internet sites if required.

ModSecurity in Cloud Hosting

ModSecurity is offered with every single cloud hosting solution which we provide and it is turned on by default for every domain or subdomain that you include through your Hepsia Control Panel. In the event that it interferes with any of your programs or you'd like to disable it for whatever reason, you shall be able to achieve that through the ModSecurity area of Hepsia with simply a click. You can also activate a passive mode, so the firewall will recognize possible attacks and maintain a log, but shall not take any action. You can see detailed logs in the same section, including the IP address where the attack originated from, what exactly the attacker aimed to do and at what time, what ModSecurity did, etc. For max security of our clients we use a group of commercial firewall rules combined with custom ones which are included by our system admins.