ModSecurity
Find out what ModSecurity is in fact, how it works and what actually it does to guard your web sites and web apps.
ModSecurity is a highly effective firewall for Apache web servers that is employed to prevent attacks toward web apps. It keeps track of the HTTP traffic to a given Internet site in real time and stops any intrusion attempts the instant it identifies them. The firewall uses a set of rules to do this - as an illustration, trying to log in to a script admin area unsuccessfully a few times activates one rule, sending a request to execute a specific file which could result in accessing the website triggers a different rule, and so forth. ModSecurity is one of the best firewalls around and it'll secure even scripts that aren't updated regularly because it can prevent attackers from employing known exploits and security holes. Very thorough data about every intrusion attempt is recorded and the logs the firewall maintains are considerably more comprehensive than the regular logs provided by the Apache server, so you could later examine them and decide whether you need to take additional measures in order to increase the safety of your script-driven websites.
ModSecurity in Shared Website Hosting
ModSecurity can be found with every single shared website hosting plan which we offer and it's switched on by default for every domain or subdomain which you include through your Hepsia Control Panel. If it interferes with any of your apps or you would like to disable it for whatever reason, you will be able to accomplish that through the ModSecurity area of Hepsia with simply a mouse click. You could also activate a passive mode, so the firewall will detect potential attacks and maintain a log, but will not take any action. You could see extensive logs in the very same section, including the IP where the attack came from, exactly what the attacker aimed to do and at what time, what ModSecurity did, etcetera. For maximum safety of our clients we use a group of commercial firewall rules mixed with custom ones which are provided by our system admins.