ModSecurity is a plugin for Apache web servers that functions as a web app layer firewall. It's employed to prevent attacks against script-driven websites through the use of security rules which contain particular expressions. In this way, the firewall can stop hacking and spamming attempts and preserve even sites which are not updated frequently. As an example, multiple unsuccessful login attempts to a script administrator area or attempts to execute a certain file with the objective to get access to the script shall trigger particular rules, so ModSecurity shall block these activities the minute it detects them. The firewall is incredibly efficient because it monitors the whole HTTP traffic to a website in real time without slowing it down, so it could stop an attack before any harm is done. It also keeps an exceptionally comprehensive log of all attack attempts which contains more info than typical Apache logs, so you can later examine the data and take extra measures to increase the security of your sites if required.

ModSecurity in Web Hosting

We offer ModSecurity with all web hosting packages, so your web apps shall be shielded from destructive attacks. The firewall is turned on by default for all domains and subdomains, but if you'd like, you'll be able to stop it via the respective area of your Hepsia Control Panel. You'll be able to also switch on a detection mode, so ModSecurity shall keep a log as intended, but won't take any action. The logs that you'll find in Hepsia are incredibly detailed and feature information about the nature of any attack, when it occurred and from what IP, the firewall rule that was triggered, and so on. We employ a range of commercial rules which are frequently updated, but sometimes our administrators add custom rules as well in order to better protect the Internet sites hosted on our servers.

ModSecurity in Semi-dedicated Hosting

All semi-dedicated hosting packages which we offer feature ModSecurity and because the firewall is enabled by default, any Internet site which you create under a domain or a subdomain shall be protected right from the start. An individual section in the Hepsia Control Panel that comes with the semi-dedicated accounts is devoted to ModSecurity and it shall allow you to start and stop the firewall for any site or switch on a detection mode. With the last mentioned, ModSecurity will not take any action, but it'll still identify possible attacks and shall keep all information within a log as if it were 100% active. The logs could be found inside the very same section of the CP and they offer specifics about the IP where an attack came from, what its nature was, what rule ModSecurity applies to detect and stop it, and so on. The security rules we employ on our servers are a mix of commercial ones from a security firm and custom ones developed by our system administrators. For that reason, we provide greater security for your web apps as we can protect them from attacks before security corporations release updates for new threats.

ModSecurity in Dedicated Servers Hosting

ModSecurity is provided with all dedicated servers that are set up with our Hepsia CP and you won't have to do anything specific on your end to employ it because it is activated by default whenever you include a new domain or subdomain on your web server. In the event that it disrupts some of your applications, you'll be able to stop it via the respective section of Hepsia, or you can leave it operating in passive mode, so it will identify attacks and will still keep a log for them, but will not block them. You could examine the logs later to find out what you can do to increase the protection of your Internet sites since you shall find details such as where an intrusion attempt originated from, what Internet site was attacked and based upon what rule ModSecurity responded, etcetera. The rules that we use are commercial, thus they are regularly updated by a security provider, but to be on the safe side, our admins also include custom rules every now and then in order to respond to any new threats they have found.