Learn what ModSecurity actually is, how it operates and just what exactly it does to shield your websites and web applications.
ModSecurity is a powerful web app layer firewall for Apache web servers. It monitors the entire HTTP traffic to an Internet site without affecting its functionality and in case it identifies an intrusion attempt, it blocks it. The firewall furthermore maintains a more detailed log for the site visitors than any server does, so you will manage to keep an eye on what is happening with your sites much better than if you rely only on conventional logs. ModSecurity uses security rules based on which it stops attacks. For example, it recognizes if somebody is attempting to log in to the admin area of a particular script several times or if a request is sent to execute a file with a certain command. In these circumstances these attempts set off the corresponding rules and the firewall software blocks the attempts in real time, after that records comprehensive details about them within its logs. ModSecurity is among the most effective software firewalls available and it can easily protect your web applications against thousands of threats and vulnerabilities, especially in case you don’t update them or their plugins regularly.
ModSecurity in Cloud Web Hosting
ModSecurity can be found with each cloud web hosting plan which we provide and it is activated by default for any domain or subdomain which you add via your Hepsia Control Panel. If it interferes with any of your applications or you would like to disable it for some reason, you will be able to accomplish that through the ModSecurity section of Hepsia with just a mouse click. You may also activate a passive mode, so the firewall will identify possible attacks and maintain a log, but shall not take any action. You'll be able to view comprehensive logs in the very same section, including the IP address where the attack came from, what precisely the attacker tried to do and at what time, what ModSecurity did, and so forth. For max security of our clients we use a set of commercial firewall rules combined with custom ones that are included by our system administrators.