ModSecurity is a highly effective web application layer firewall for Apache web servers. It monitors the entire HTTP traffic to a website without affecting its performance and when it identifies an intrusion attempt, it prevents it. The firewall also keeps a more detailed log for the site visitors than any web server does, so you'll be able to keep an eye on what's happening with your websites much better than if you rely merely on conventional logs. ModSecurity employs security rules based on which it prevents attacks. For example, it detects whether someone is attempting to log in to the administration area of a specific script several times or if a request is sent to execute a file with a specific command. In these instances these attempts trigger the corresponding rules and the software blocks the attempts in real time, after that records in-depth information about them within its logs. ModSecurity is among the best software firewalls out there and it can protect your web apps against a large number of threats and vulnerabilities, particularly in case you don’t update them or their plugins regularly.

ModSecurity in Shared Hosting

ModSecurity comes standard with all shared hosting packages that we supply and it'll be turned on automatically for any domain or subdomain you add/create in your Hepsia hosting Control Panel. The firewall has three different modes, so you could activate and deactivate it with just a mouse click or set it to detection mode, so it will maintain a log of all attacks, but it'll not do anything to prevent them. The log for any of your Internet sites will feature in-depth information including the nature of the attack, where it came from, what action was taken by ModSecurity, and so on. The firewall rules that we use are regularly updated and comprise of both commercial ones which we get from a third-party security firm and custom ones our system admins include in the event that they detect a new kind of attacks. This way, the sites that you host here shall be a lot more secure with no action required on your end.