ModSecurity is a highly effective firewall for Apache web servers that's employed to prevent attacks towards web apps. It tracks the HTTP traffic to a specific website in real time and blocks any intrusion attempts the moment it detects them. The firewall uses a set of rules to accomplish that - as an example, trying to log in to a script administrator area without success several times activates one rule, sending a request to execute a certain file which could result in gaining access to the site triggers a different rule, and so forth. ModSecurity is among the best firewalls available on the market and it'll preserve even scripts which aren't updated regularly because it can prevent attackers from using known exploits and security holes. Incredibly thorough info about every intrusion attempt is recorded and the logs the firewall maintains are much more comprehensive than the regular logs created by the Apache server, so you can later examine them and determine if you need to take more measures in order to improve the security of your script-driven Internet sites.
ModSecurity in Web Hosting
ModSecurity is offered with every single web hosting package that we offer and it is turned on by default for every domain or subdomain that you include via your Hepsia Control Panel. If it disrupts any of your apps or you'd like to disable it for any reason, you'll be able to do this through the ModSecurity section of Hepsia with just a click. You can also use a passive mode, so the firewall will recognize potential attacks and maintain a log, but shall not take any action. You'll be able to view comprehensive logs in the very same section, including the IP where the attack originated from, what precisely the attacker attempted to do and at what time, what ModSecurity did, and so forth. For maximum security of our clients we use a collection of commercial firewall rules combined with custom ones which are provided by our system admins.