ModSecurity is a plugin for Apache web servers that functions as a web application layer firewall. It is used to stop attacks against script-driven sites by using security rules which contain certain expressions. In this way, the firewall can prevent hacking and spamming attempts and protect even Internet sites that aren't updated frequently. For instance, a number of failed login attempts to a script administrator area or attempts to execute a specific file with the objective to get access to the script shall trigger specific rules, so ModSecurity shall stop these activities the minute it identifies them. The firewall is extremely efficient as it tracks the entire HTTP traffic to a site in real time without slowing it down, so it can easily stop an attack before any damage is done. It also maintains a very comprehensive log of all attack attempts which features more information than typical Apache logs, so you could later check out the data and take extra measures to increase the security of your sites if required.

ModSecurity in Website Hosting

ModSecurity is provided with all website hosting servers, so when you opt to host your sites with our firm, they'll be shielded from an array of attacks. The firewall is enabled by default for all domains and subdomains, so there will be nothing you'll need to do on your end. You'll be able to stop ModSecurity for any Internet site if needed, or to activate a detection mode, so that all activity shall be recorded, but the firewall shall not take any real action. You'll be able to view detailed logs using your Hepsia CP including the IP address where the attack originated from, what the attacker planned to do and how ModSecurity addressed the threat. Since we take the security of our clients' Internet sites seriously, we employ a selection of commercial rules which we get from one of the best firms that maintain this type of rules. Our administrators also add custom rules to ensure that your sites will be shielded from as many risks as possible.

ModSecurity in Semi-dedicated Servers

ModSecurity is a part of our semi-dedicated server packages and if you decide to host your sites with us, there won't be anything special you'll need to do given that the firewall is switched on by default for all domains and subdomains that you include through your hosting CP. If required, you'll be able to disable ModSecurity for a given Internet site or activate the so-called detection mode in which case the firewall shall still operate and record data, but shall not do anything to stop possible attacks on your sites. Thorough logs will be accessible inside your Control Panel and you will be able to see which kind of attacks occurred, what security rules were triggered and how the firewall addressed the threats, what Internet protocol addresses the attacks came from, and so on. We use two kinds of rules on our servers - commercial ones from a company that operates in the field of web security, and custom ones that our admins sometimes include to respond to newly discovered threats promptly.

ModSecurity in Dedicated Servers

All of our dedicated servers which are set up with the Hepsia hosting CP feature ModSecurity, so any app which you upload or set up will be protected from the very beginning and you will not have to bother about common attacks or vulnerabilities. An individual section inside Hepsia will allow you to start or stop the firewall for any domain or subdomain, or activate a detection mode so that it records information regarding intrusions, but does not take actions to stop them. What you shall find in the logs can easily help you to secure your Internet sites better - the IP an attack originated from, what site was attacked and how, what ModSecurity rule was triggered, and so on. With this data, you can see whether a website needs an update, whether you need to block IPs from accessing your hosting server, etc. In addition to the third-party commercial security rules for ModSecurity we use, our administrators add custom ones too whenever they find a new threat which is not yet in the commercial bundle.