ModSecurity is a plugin for Apache web servers that acts as a web application layer firewall. It's used to stop attacks towards script-driven sites by using security rules which contain certain expressions. This way, the firewall can prevent hacking and spamming attempts and shield even sites which are not updated frequently. For example, numerous unsuccessful login attempts to a script administrator area or attempts to execute a specific file with the objective to get access to the script will trigger specific rules, so ModSecurity shall block out these activities the second it detects them. The firewall is extremely efficient as it tracks the whole HTTP traffic to a site in real time without slowing it down, so it could prevent an attack before any damage is done. It additionally maintains a very thorough log of all attack attempts that features more information than traditional Apache logs, so you can later examine the data and take extra measures to enhance the security of your websites if required.

ModSecurity in Shared Hosting

We offer ModSecurity with all shared hosting plans, so your Internet applications will be shielded from malicious attacks. The firewall is activated as standard for all domains and subdomains, but in case you'd like, you'll be able to stop it through the respective area of your Hepsia Control Panel. You could also activate a detection mode, so ModSecurity shall keep a log as intended, but won't take any action. The logs which you'll discover within Hepsia are quite detailed and feature info about the nature of any attack, when it occurred and from what IP address, the firewall rule that was triggered, and so forth. We employ a range of commercial rules that are constantly updated, but sometimes our admins add custom rules as well in order to efficiently protect the Internet sites hosted on our servers.

ModSecurity in Semi-dedicated Servers

Any web application you install inside your new semi-dedicated server account shall be protected by ModSecurity because the firewall is included with all our hosting solutions and is turned on by default for any domain and subdomain which you add or create using your Hepsia hosting Control Panel. You'll be able to manage ModSecurity through a dedicated area in Hepsia where not only could you activate or deactivate it completely, but you may also switch on a passive mode, so the firewall will not block anything, but it shall still keep an archive of possible attacks. This takes only a mouse click and you will be able to see the logs regardless of if ModSecurity is in active or passive mode through the same section - what the attack was and where it originated from, how it was taken care of, etcetera. The firewall uses two groups of rules on our servers - a commercial one which we get from a third-party web security company and a custom one which our administrators update manually as to respond to newly discovered risks as fast as possible.

ModSecurity in Dedicated Servers

ModSecurity comes with all dedicated servers which are integrated with our Hepsia CP and you'll not have to do anything specific on your end to use it as it is switched on by default every time you include a new domain or subdomain on your hosting server. In the event that it interferes with some of your applications, you shall be able to stop it through the respective area of Hepsia, or you may leave it operating in passive mode, so it will detect attacks and shall still keep a log for them, but will not block them. You'll be able to examine the logs later to determine what you can do to increase the protection of your Internet sites since you will find details such as where an intrusion attempt came from, what site was attacked and in accordance with what rule ModSecurity reacted, etc. The rules which we use are commercial, thus they are regularly updated by a security company, but to be on the safe side, our admins also include custom rules from time to time as to react to any new threats they have found.