Find out how having ModSecurity enabled in your website hosting account will help silently with your website security.
ModSecurity is a powerful web app layer firewall for Apache web servers. It monitors the whole HTTP traffic to a website without affecting its functionality and in case it discovers an intrusion attempt, it prevents it. The firewall also maintains a more comprehensive log for the site visitors than any server does, so you shall manage to keep an eye on what's happening with your websites much better than if you rely only on standard logs. ModSecurity employs security rules based on which it helps prevent attacks. For example, it recognizes whether someone is trying to log in to the admin area of a particular script multiple times or if a request is sent to execute a file with a particular command. In such situations these attempts trigger the corresponding rules and the firewall software hinders the attempts right away, after that records comprehensive details about them inside its logs. ModSecurity is among the most effective software firewalls on the market and it can protect your web applications against many threats and vulnerabilities, particularly if you don’t update them or their plugins frequently.
ModSecurity in Cloud Web Hosting
ModSecurity is available with every single cloud web hosting plan which we provide and it is activated by default for every domain or subdomain which you add through your Hepsia CP. In case it interferes with any of your programs or you would like to disable it for some reason, you shall be able to accomplish that through the ModSecurity section of Hepsia with just a click. You could also enable a passive mode, so the firewall will identify possible attacks and maintain a log, but shall not take any action. You could see detailed logs in the exact same section, including the IP where the attack came from, what exactly the attacker aimed to do and at what time, what ModSecurity did, and so on. For maximum safety of our clients we use a group of commercial firewall rules blended with custom ones that are provided by our system admins.