ModSecurity is a highly effective firewall for Apache web servers which is employed to stop attacks towards web applications. It keeps track of the HTTP traffic to a specific Internet site in real time and stops any intrusion attempts the moment it detects them. The firewall uses a set of rules to do that - for example, attempting to log in to a script administration area without success a few times activates one rule, sending a request to execute a certain file that may result in getting access to the website triggers a different rule, etcetera. ModSecurity is amongst the best firewalls around and it will protect even scripts which are not updated often as it can prevent attackers from using known exploits and security holes. Very detailed info about every single intrusion attempt is recorded and the logs the firewall keeps are a lot more detailed than the standard logs created by the Apache server, so you may later take a look at them and decide if you need to take more measures in order to enhance the protection of your script-driven sites.

ModSecurity in Web Hosting

ModSecurity can be found with every single web hosting plan that we offer and it is switched on by default for every domain or subdomain which you add via your Hepsia Control Panel. In case it interferes with any of your programs or you would like to disable it for any reason, you shall be able to do that through the ModSecurity area of Hepsia with merely a click. You may also enable a passive mode, so the firewall will recognize potential attacks and keep a log, but will not take any action. You can view comprehensive logs in the exact same section, including the IP address where the attack originated from, what exactly the attacker attempted to do and at what time, what ModSecurity did, etcetera. For max security of our clients we use a group of commercial firewall rules blended with custom ones which are added by our system admins.