ModSecurity is a plugin for Apache web servers that functions as a web app layer firewall. It is employed to prevent attacks towards script-driven websites by employing security rules that contain specific expressions. That way, the firewall can stop hacking and spamming attempts and preserve even sites that are not updated on a regular basis. For instance, several unsuccessful login attempts to a script administrator area or attempts to execute a specific file with the intention to get access to the script shall trigger particular rules, so ModSecurity shall block out these activities the minute it identifies them. The firewall is incredibly efficient since it tracks the entire HTTP traffic to a website in real time without slowing it down, so it can stop an attack before any harm is done. It also keeps an exceptionally detailed log of all attack attempts that contains more information than standard Apache logs, so you could later analyze the data and take extra measures to increase the security of your websites if necessary.

ModSecurity in Shared Website Hosting

We provide ModSecurity with all shared website hosting packages, so your Internet applications will be protected against malicious attacks. The firewall is switched on as standard for all domains and subdomains, but if you would like, you shall be able to stop it via the respective part of your Hepsia Control Panel. You'll be able to also switch on a detection mode, so ModSecurity shall keep a log as intended, but shall not take any action. The logs which you shall find inside Hepsia are extremely detailed and feature info about the nature of any attack, when it occurred and from what IP address, the firewall rule which was triggered, and so forth. We employ a range of commercial rules which are regularly updated, but sometimes our administrators include custom rules as well in order to efficiently protect the Internet sites hosted on our servers.

ModSecurity in Semi-dedicated Servers

ModSecurity is part of our semi-dedicated server plans and if you decide to host your Internet sites with us, there will not be anything special you'll need to do since the firewall is switched on by default for all domains and subdomains which you add using your hosting Control Panel. If necessary, you'll be able to disable ModSecurity for a certain Internet site or enable the so-called detection mode in which case the firewall shall still operate and record data, but will not do anything to stop possible attacks against your Internet sites. Thorough logs will be available within your CP and you'll be able to see what sort of attacks took place, what security rules were triggered and how the firewall handled the threats, what Internet protocol addresses the attacks originated from, and so on. We employ 2 sorts of rules on our servers - commercial ones from a firm which operates in the field of web security, and custom made ones which our admins often add to respond to newly discovered threats in a timely manner.

ModSecurity in Dedicated Servers

ModSecurity comes with all dedicated servers which are set up with our Hepsia CP and you won't need to do anything specific on your end to use it as it's enabled by default each time you include a new domain or subdomain on your web server. If it interferes with some of your programs, you shall be able to stop it via the respective section of Hepsia, or you can leave it working in passive mode, so it will identify attacks and shall still keep a log for them, but won't prevent them. You may look at the logs later to learn what you can do to boost the safety of your websites as you'll find information such as where an intrusion attempt came from, what site was attacked and in accordance with what rule ModSecurity responded, and so on. The rules that we employ are commercial, hence they are frequently updated by a security firm, but to be on the safe side, our admins also include custom rules every now and then as to react to any new threats they have found.