ModSecurity is a plugin for Apache web servers that acts as a web app layer firewall. It is employed to stop attacks against script-driven Internet sites by using security rules that contain certain expressions. In this way, the firewall can stop hacking and spamming attempts and shield even websites which are not updated frequently. For example, several failed login attempts to a script admin area or attempts to execute a specific file with the objective to get access to the script shall trigger specific rules, so ModSecurity will stop these activities the instant it detects them. The firewall is quite efficient since it screens the entire HTTP traffic to an Internet site in real time without slowing it down, so it can easily stop an attack before any damage is done. It also keeps an exceptionally detailed log of all attack attempts that includes more information than traditional Apache logs, so you could later check out the data and take extra measures to increase the security of your Internet sites if necessary.
ModSecurity in Shared Web Hosting
ModSecurity comes standard with all shared web hosting packages that we supply and it'll be switched on automatically for any domain or subdomain which you add/create in your Hepsia hosting CP. The firewall has three different modes, so you could switch on and disable it with only a click or set it to detection mode, so it shall keep a log of all attacks, but it will not do anything to prevent them. The log for each of your websites shall contain in-depth info which includes the nature of the attack, where it came from, what action was taken by ModSecurity, etc. The firewall rules that we use are constantly updated and include both commercial ones we get from a third-party security firm and custom ones which our system admins include in the event that they detect a new kind of attacks. This way, the sites that you host here will be much more protected without any action required on your end.