ModSecurity is a highly effective firewall for Apache web servers which is employed to stop attacks against web applications. It monitors the HTTP traffic to a particular site in real time and blocks any intrusion attempts the moment it discovers them. The firewall relies on a set of rules to accomplish that - as an illustration, attempting to log in to a script admin area without success many times sets off one rule, sending a request to execute a certain file that could result in getting access to the website triggers a different rule, etcetera. ModSecurity is among the best firewalls out there and it will preserve even scripts which aren't updated on a regular basis since it can prevent attackers from using known exploits and security holes. Incredibly comprehensive data about every single intrusion attempt is recorded and the logs the firewall maintains are far more comprehensive than the regular logs provided by the Apache server, so you may later take a look at them and determine whether you need to take additional measures in order to improve the protection of your script-driven sites.
ModSecurity in Dedicated Hosting
All of our dedicated servers that are installed with the Hepsia hosting CP come with ModSecurity, so any app you upload or install shall be protected from the very beginning and you'll not need to stress about common attacks or vulnerabilities. An independent section within Hepsia will allow you to start or stop the firewall for each and every domain or subdomain, or activate a detection mode so that it records info about intrusions, but doesn't take actions to prevent them. What you will find in the logs can enable you to to secure your Internet sites better - the IP address an attack originated from, what site was attacked and in what way, what ModSecurity rule was triggered, etcetera. With this info, you can see whether a website needs an update, if you ought to block IPs from accessing your hosting server, etcetera. In addition to the third-party commercial security rules for ModSecurity we use, our administrators include custom ones too whenever they come across a new threat that's not yet in the commercial bundle.