ModSecurity is a plugin for Apache web servers which functions as a web application layer firewall. It's employed to stop attacks against script-driven sites through the use of security rules which contain specific expressions. This way, the firewall can stop hacking and spamming attempts and preserve even Internet sites that are not updated often. As an example, numerous unsuccessful login attempts to a script admin area or attempts to execute a certain file with the purpose to get access to the script will trigger certain rules, so ModSecurity will stop these activities the moment it identifies them. The firewall is incredibly efficient because it screens the whole HTTP traffic to an Internet site in real time without slowing it down, so it will be able to prevent an attack before any damage is done. It also maintains a very thorough log of all attack attempts which features more information than conventional Apache logs, so you can later analyze the data and take further measures to increase the security of your websites if needed.

ModSecurity in Cloud Hosting

ModSecurity is supplied with all cloud hosting servers, so when you decide to host your sites with our organization, they'll be resistant to a wide array of attacks. The firewall is enabled as standard for all domains and subdomains, so there shall be nothing you shall need to do on your end. You'll be able to stop ModSecurity for any site if required, or to switch on a detection mode, so that all activity shall be recorded, but the firewall shall not take any real action. You shall be able to view specific logs using your Hepsia Control Panel including the IP address where the attack came from, what the attacker wanted to do and how ModSecurity handled the threat. Since we take the protection of our customers' Internet sites seriously, we use a selection of commercial rules that we get from one of the leading companies which maintain this type of rules. Our admins also include custom rules to make certain that your sites shall be shielded from as many risks as possible.

ModSecurity in Semi-dedicated Servers

ModSecurity is a part of our semi-dedicated server packages and if you decide to host your sites with our company, there won't be anything special you'll need to do since the firewall is switched on by default for all domains and subdomains which you include via your hosting CP. If needed, you could disable ModSecurity for a certain website or turn on the so-called detection mode in which case the firewall shall still function and record data, but shall not do anything to stop possible attacks on your sites. Thorough logs shall be accessible within your CP and you shall be able to see what type of attacks happened, what security rules were triggered and how the firewall dealt with the threats, what IP addresses the attacks originated from, and so on. We employ two kinds of rules on our servers - commercial ones from a company which operates in the field of web security, and customized ones which our admins occasionally include to respond to newly found threats promptly.

ModSecurity in Dedicated Servers

ModSecurity is included with all dedicated servers that are set up with our Hepsia Control Panel and you will not have to do anything specific on your end to employ it since it is activated by default every time you add a new domain or subdomain on your web server. In the event that it interferes with any of your apps, you will be able to stop it via the respective part of Hepsia, or you can leave it working in passive mode, so it'll recognize attacks and will still keep a log for them, but shall not stop them. You'll be able to analyze the logs later to determine what you can do to boost the safety of your Internet sites as you will find info such as where an intrusion attempt originated from, what site was attacked and based on what rule ModSecurity reacted, etc. The rules which we use are commercial, thus they are frequently updated by a security provider, but to be on the safe side, our administrators also include custom rules once in a while as to respond to any new threats they have found.