ModSecurity is a plugin for Apache web servers that acts as a web application layer firewall. It is used to prevent attacks towards script-driven Internet sites by using security rules that contain certain expressions. In this way, the firewall can block hacking and spamming attempts and shield even Internet sites which are not updated often. For example, a number of unsuccessful login attempts to a script admin area or attempts to execute a certain file with the objective to get access to the script shall trigger particular rules, so ModSecurity shall block out these activities the second it discovers them. The firewall is incredibly efficient because it screens the whole HTTP traffic to a site in real time without slowing it down, so it could prevent an attack before any harm is done. It also maintains an incredibly detailed log of all attack attempts which includes more information than standard Apache logs, so you could later analyze the data and take extra measures to improve the security of your Internet sites if needed.
ModSecurity in Semi-dedicated Hosting
We have incorporated ModSecurity as a standard within all semi-dedicated hosting packages, so your web applications shall be protected as soon as you install them under any domain or subdomain. The Hepsia Control Panel which comes with the semi-dedicated accounts will permit you to switch on or turn off the firewall for any Internet site with a click. You'll also be able to activate a passive detection mode with which ModSecurity will maintain a log of possible attacks without actually stopping them. The comprehensive logs contain the nature of the attack and what ModSecurity response this attack initiated, where it originated from, and so on. The list of rules which we employ is frequently updated as to match any new threats that might appear on the Internet and it comes with both commercial rules that we get from a security company and custom-written ones that our administrators include in the event that they discover a threat which is not present in the commercial list yet.