ModSecurity
Learn what ModSecurity is really, what it does and what precisely it does to defend your web sites and apps.
ModSecurity is a powerful firewall for Apache web servers which is used to stop attacks against web applications. It keeps track of the HTTP traffic to a certain site in real time and blocks any intrusion attempts the instant it detects them. The firewall relies on a set of rules to accomplish that - as an example, trying to log in to a script administration area without success many times triggers one rule, sending a request to execute a certain file that could result in accessing the website triggers a different rule, etc. ModSecurity is amongst the best firewalls on the market and it will preserve even scripts that are not updated regularly because it can prevent attackers from employing known exploits and security holes. Very thorough data about each intrusion attempt is recorded and the logs the firewall keeps are far more detailed than the conventional logs created by the Apache server, so you could later examine them and decide if you need to take additional measures so as to enhance the safety of your script-driven websites.
-
ModSecurity in Shared Web Hosting
ModSecurity comes standard with all
shared web hosting plans that we provide and it will be activated automatically for any domain or subdomain you add/create in your Hepsia hosting CP. The firewall has 3 different modes, so you can activate and disable it with a mouse click or set it to detection mode, so it'll keep a log of all attacks, but it shall not do anything to stop them. The log for any of your websites will contain comprehensive information which includes the nature of the attack, where it originated from, what action was taken by ModSecurity, and so on. The firewall rules that we use are frequently updated and incorporate both commercial ones which we get from a third-party security firm and custom ones that our system administrators include in the event that they detect a new sort of attacks. This way, the sites that you host here will be a lot more secure with no action required on your end.