ModSecurity is a plugin for Apache web servers which functions as a web app layer firewall. It's used to prevent attacks toward script-driven Internet sites by using security rules which contain specific expressions. This way, the firewall can stop hacking and spamming attempts and preserve even websites that are not updated on a regular basis. For example, multiple unsuccessful login attempts to a script administrator area or attempts to execute a specific file with the purpose to get access to the script will trigger particular rules, so ModSecurity will block out these activities the second it identifies them. The firewall is extremely efficient as it screens the whole HTTP traffic to a site in real time without slowing it down, so it can easily prevent an attack before any harm is done. It furthermore maintains a very comprehensive log of all attack attempts that includes more information than typical Apache logs, so you can later examine the data and take additional measures to improve the security of your sites if needed.

ModSecurity in Cloud Hosting

ModSecurity comes by default with all cloud hosting packages which we supply and it shall be activated automatically for any domain or subdomain that you add/create inside your Hepsia hosting CP. The firewall has three different modes, so you could activate and deactivate it with a mouse click or set it to detection mode, so it'll maintain a log of all attacks, but it'll not do anything to prevent them. The log for any of your websites will feature detailed info such as the nature of the attack, where it originated from, what action was taken by ModSecurity, and so forth. The firewall rules which we use are regularly updated and consist of both commercial ones that we get from a third-party security company and custom ones that our system admins add in the event that they detect a new sort of attacks. This way, the websites you host here shall be a lot more protected with no action required on your end.