ModSecurity is a plugin for Apache web servers that acts as a web app layer firewall. It's used to stop attacks against script-driven sites by employing security rules which contain particular expressions. That way, the firewall can prevent hacking and spamming attempts and shield even sites which aren't updated frequently. As an example, numerous unsuccessful login attempts to a script administrator area or attempts to execute a particular file with the intention to get access to the script shall trigger particular rules, so ModSecurity shall block these activities the instant it detects them. The firewall is incredibly efficient because it tracks the entire HTTP traffic to an Internet site in real time without slowing it down, so it could stop an attack before any damage is done. It additionally keeps an exceptionally detailed log of all attack attempts that includes more information than typical Apache logs, so you could later examine the data and take extra measures to enhance the security of your Internet sites if needed.

ModSecurity in Shared Hosting

We offer ModSecurity with all shared hosting plans, so your web applications will be shielded from malicious attacks. The firewall is switched on as standard for all domains and subdomains, but in case you'd like, you'll be able to stop it through the respective section of your Hepsia CP. You'll be able to also activate a detection mode, so ModSecurity will keep a log as intended, but shall not take any action. The logs which you shall discover inside Hepsia are very detailed and offer data about the nature of any attack, when it took place and from what IP, the firewall rule that was triggered, etcetera. We employ a group of commercial rules which are often updated, but sometimes our administrators include custom rules as well so as to efficiently protect the Internet sites hosted on our servers.

ModSecurity in Semi-dedicated Hosting

ModSecurity is part of our semi-dedicated hosting packages and if you choose to host your Internet sites with us, there won't be anything special you'll have to do given that the firewall is activated by default for all domains and subdomains you include through your hosting Control Panel. If necessary, you could disable ModSecurity for a given Internet site or activate the so-called detection mode in which case the firewall shall still function and record information, but will not do anything to prevent possible attacks on your websites. In depth logs shall be available within your CP and you will be able to see which kind of attacks happened, what security rules were triggered and how the firewall handled the threats, what IP addresses the attacks came from, etcetera. We employ 2 sorts of rules on our servers - commercial ones from a company that operates in the field of web security, and customized ones which our administrators sometimes add to respond to newly found threats on time.

ModSecurity in Dedicated Hosting

All of our dedicated servers that are installed with the Hepsia hosting CP feature ModSecurity, so any app which you upload or set up will be protected from the very beginning and you'll not have to bother about common attacks or vulnerabilities. A separate section within Hepsia will allow you to start or stop the firewall for any domain or subdomain, or activate a detection mode so that it records info about intrusions, but does not take actions to stop them. What you'll see in the logs can easily enable you to to secure your Internet sites better - the IP address an attack came from, what site was attacked and exactly how, what ModSecurity rule was triggered, etcetera. With this data, you can see whether a site needs an update, whether you ought to block IPs from accessing your server, etc. On top of the third-party commercial security rules for ModSecurity which we use, our admins add custom ones too when they find a new threat that's not yet included in the commercial bundle.