ModSecurity is a highly effective web application layer firewall for Apache web servers. It monitors the entire HTTP traffic to an Internet site without affecting its functionality and in case it detects an intrusion attempt, it blocks it. The firewall additionally keeps a more comprehensive log for the traffic than any web server does, so you will manage to keep track of what is going on with your websites much better than if you rely merely on standard logs. ModSecurity employs security rules based on which it prevents attacks. For example, it identifies whether anyone is attempting to log in to the admin area of a specific script multiple times or if a request is sent to execute a file with a specific command. In these instances these attempts trigger the corresponding rules and the software blocks the attempts immediately, and then records in-depth information about them within its logs. ModSecurity is among the best software firewalls available and it could easily protect your web applications against a huge number of threats and vulnerabilities, particularly in case you don’t update them or their plugins regularly.

ModSecurity in Shared Website Hosting

ModSecurity comes standard with all shared website hosting plans that we provide and it shall be switched on automatically for any domain or subdomain you add/create within your Hepsia hosting CP. The firewall has three different modes, so you'll be able to activate and disable it with only a mouse click or set it to detection mode, so it shall maintain a log of all attacks, but it will not do anything to stop them. The log for each of your sites will feature comprehensive information such as the nature of the attack, where it came from, what action was taken by ModSecurity, and so forth. The firewall rules which we use are regularly updated and incorporate both commercial ones that we get from a third-party security firm and custom ones that our system admins include in the event that they detect a new sort of attacks. This way, the Internet sites that you host here shall be far more protected without any action needed on your end.