ModSecurity is a plugin for Apache web servers which acts as a web app layer firewall. It is employed to prevent attacks against script-driven sites by using security rules which contain specific expressions. This way, the firewall can block hacking and spamming attempts and protect even Internet sites that are not updated regularly. For instance, numerous unsuccessful login attempts to a script administrator area or attempts to execute a specific file with the objective to get access to the script shall trigger specific rules, so ModSecurity will block out these activities the instant it identifies them. The firewall is extremely efficient because it monitors the whole HTTP traffic to an Internet site in real time without slowing it down, so it can stop an attack before any damage is done. It also maintains an incredibly thorough log of all attack attempts that features more information than conventional Apache logs, so you could later examine the data and take additional measures to increase the security of your sites if required.
ModSecurity in Website Hosting
ModSecurity comes by default with all website hosting solutions that we offer and it will be switched on automatically for any domain or subdomain you add/create in your Hepsia hosting Control Panel. The firewall has 3 different modes, so you can activate and disable it with just a mouse click or set it to detection mode, so it will keep a log of all attacks, but it shall not do anything to prevent them. The log for each of your sites shall contain elaborate information such as the nature of the attack, where it originated from, what action was taken by ModSecurity, and so on. The firewall rules that we use are constantly updated and comprise of both commercial ones we get from a third-party security firm and custom ones which our system admins include in the event that they detect a new type of attacks. In this way, the websites you host here shall be way more secure with no action needed on your end.