ModSecurity is a plugin for Apache web servers which functions as a web application layer firewall. It is employed to stop attacks towards script-driven sites through the use of security rules that contain particular expressions. This way, the firewall can block hacking and spamming attempts and protect even sites that aren't updated often. For instance, multiple unsuccessful login attempts to a script administrator area or attempts to execute a particular file with the purpose to get access to the script shall trigger certain rules, so ModSecurity shall stop these activities the instant it detects them. The firewall is incredibly efficient since it tracks the whole HTTP traffic to a website in real time without slowing it down, so it can prevent an attack before any harm is done. It additionally keeps a very detailed log of all attack attempts that includes more information than standard Apache logs, so you can later check out the data and take additional measures to increase the security of your Internet sites if necessary.

ModSecurity in Hosting

ModSecurity is provided with all hosting servers, so if you decide to host your sites with our firm, they will be resistant to a wide array of attacks. The firewall is enabled as standard for all domains and subdomains, so there'll be nothing you shall need to do on your end. You shall be able to stop ModSecurity for any website if needed, or to enable a detection mode, so that all activity will be recorded, but the firewall will not take any real action. You'll be able to view comprehensive logs through your Hepsia CP including the IP address where the attack came from, what the attacker wished to do and how ModSecurity addressed the threat. Since we take the safety of our clients' Internet sites very seriously, we employ a collection of commercial rules which we get from one of the best firms that maintain such rules. Our administrators also add custom rules to ensure that your Internet sites shall be protected against as many risks as possible.

ModSecurity in Semi-dedicated Hosting

ModSecurity is a part of our semi-dedicated hosting plans and if you choose to host your websites with us, there won't be anything special you will have to do since the firewall is activated by default for all domains and subdomains you add using your hosting CP. If required, you'll be able to disable ModSecurity for a particular site or enable the so-called detection mode in which case the firewall shall still work and record information, but won't do anything to stop possible attacks on your sites. Comprehensive logs will be available within your Control Panel and you shall be able to see what sort of attacks took place, what security rules were triggered and how the firewall addressed the threats, what IP addresses the attacks originated from, and so on. We employ two types of rules on our servers - commercial ones from a business that operates in the field of web security, and custom ones which our administrators sometimes include to respond to newly identified threats promptly.

ModSecurity in Dedicated Hosting

When you choose to host your sites on a dedicated server with the Hepsia Control Panel, your web applications shall be secured straight away as ModSecurity is available with all Hepsia-based packages. You shall be able to control the firewall without difficulty and if necessary, you will be able to turn it off or enable its passive mode when it'll only keep a log of what's taking place without taking any action to prevent possible attacks. The logs which you will find in the exact same section of the Control Panel are quite detailed and include info about the attacker IP, what site and file were attacked and in what way, what rule the firewall employed to stop the intrusion, etc. This info will enable you to take measures and enhance the protection of your sites even more. To be on the safe side, we use not only commercial rules, but also custom-made ones that our administrators include every time they recognize attacks which have not yet been included within the commercial pack.