ModSecurity is a highly effective web application layer firewall for Apache web servers. It monitors the entire HTTP traffic to a website without affecting its performance and in case it identifies an intrusion attempt, it prevents it. The firewall additionally maintains a more detailed log for the traffic than any server does, so you shall manage to keep an eye on what is going on with your sites better than if you rely simply on conventional logs. ModSecurity employs security rules based on which it stops attacks. For example, it identifies whether someone is trying to log in to the administration area of a given script several times or if a request is sent to execute a file with a particular command. In such situations these attempts trigger the corresponding rules and the firewall blocks the attempts immediately, then records detailed details about them within its logs. ModSecurity is among the very best software firewalls out there and it can easily protect your web applications against thousands of threats and vulnerabilities, particularly if you don’t update them or their plugins often.
ModSecurity in Cloud Hosting
We offer ModSecurity with all cloud hosting plans, so your web apps shall be protected against destructive attacks. The firewall is switched on by default for all domains and subdomains, but in case you would like, you shall be able to stop it via the respective area of your Hepsia CP. You'll be able to also activate a detection mode, so ModSecurity will keep a log as intended, but shall not take any action. The logs which you'll find within Hepsia are incredibly detailed and include information about the nature of any attack, when it took place and from what IP, the firewall rule that was triggered, etc. We use a range of commercial rules which are regularly updated, but sometimes our admins include custom rules as well so as to better protect the sites hosted on our machines.