ModSecurity is a powerful firewall for Apache web servers that's used to stop attacks towards web apps. It tracks the HTTP traffic to a given Internet site in real time and blocks any intrusion attempts as soon as it discovers them. The firewall relies on a set of rules to do this - for example, attempting to log in to a script admin area unsuccessfully several times triggers one rule, sending a request to execute a particular file that could result in gaining access to the site triggers a different rule, etcetera. ModSecurity is amongst the best firewalls out there and it'll secure even scripts which aren't updated frequently since it can prevent attackers from using known exploits and security holes. Quite thorough data about every single intrusion attempt is recorded and the logs the firewall maintains are a lot more detailed than the standard logs provided by the Apache server, so you can later take a look at them and determine if you need to take extra measures so as to enhance the safety of your script-driven websites.
ModSecurity in Web Hosting
ModSecurity is available with each web hosting plan which we provide and it's turned on by default for every domain or subdomain that you include via your Hepsia Control Panel. In case it interferes with any of your programs or you'd like to disable it for whatever reason, you'll be able to do this through the ModSecurity section of Hepsia with merely a mouse click. You can also use a passive mode, so the firewall will recognize potential attacks and keep a log, but will not take any action. You can view comprehensive logs in the same section, including the IP where the attack originated from, what precisely the attacker attempted to do and at what time, what ModSecurity did, etc. For maximum safety of our clients we use a collection of commercial firewall rules blended with custom ones which are included by our system admins.