ModSecurity is a plugin for Apache web servers that acts as a web app layer firewall. It is used to prevent attacks against script-driven Internet sites through the use of security rules which contain certain expressions. That way, the firewall can stop hacking and spamming attempts and preserve even Internet sites that aren't updated regularly. For example, a number of failed login attempts to a script admin area or attempts to execute a particular file with the intention to get access to the script shall trigger specific rules, so ModSecurity shall block these activities the instant it identifies them. The firewall is quite efficient as it tracks the entire HTTP traffic to a site in real time without slowing it down, so it can easily prevent an attack before any damage is done. It additionally keeps an exceptionally thorough log of all attack attempts which features more information than typical Apache logs, so you could later check out the data and take extra measures to improve the security of your sites if required.

ModSecurity in Shared Hosting

We provide ModSecurity with all shared hosting packages, so your web applications shall be protected against harmful attacks. The firewall is switched on by default for all domains and subdomains, but in case you would like, you'll be able to stop it using the respective area of your Hepsia Control Panel. You could also activate a detection mode, so ModSecurity will keep a log as intended, but shall not take any action. The logs which you'll find inside Hepsia are incredibly detailed and feature information about the nature of any attack, when it took place and from what IP, the firewall rule which was triggered, etc. We employ a range of commercial rules which are frequently updated, but sometimes our admins add custom rules as well in order to better protect the Internet sites hosted on our servers.

ModSecurity in Semi-dedicated Hosting

All semi-dedicated hosting solutions which we offer feature ModSecurity and given that the firewall is switched on by default, any website you build under a domain or a subdomain will be secured right away. A separate section inside the Hepsia CP which comes with the semi-dedicated accounts is dedicated to ModSecurity and it shall allow you to stop and start the firewall for any site or switch on a detection mode. With the latter, ModSecurity won't take any action, but it will still identify possible attacks and will keep all info inside a log as if it were 100% active. The logs could be found inside the very same section of the Control Panel and they include information regarding the IP where an attack came from, what its nature was, what rule ModSecurity applies to identify and stop it, etc. The security rules that we use on our servers are a mix between commercial ones from a security firm and custom ones created by our system administrators. Therefore, we provide greater security for your web apps as we can defend them from attacks before security companies release updates for new threats.

ModSecurity in Dedicated Servers Hosting

If you choose to host your sites on a dedicated server with the Hepsia Control Panel, your web programs will be protected right from the start since ModSecurity is provided with all Hepsia-based packages. You shall be able to manage the firewall without difficulty and if necessary, you'll be able to turn it off or activate its passive mode when it will only keep a log of what is occurring without taking any action to stop possible attacks. The logs which you'll find within the very same section of the CP are quite detailed and feature details about the attacker IP, what site and file were attacked and in what way, what rule the firewall used to prevent the intrusion, and so on. This info will permit you to take measures and enhance the protection of your websites even more. To be on the safe side, we employ not just commercial rules, but also custom-made ones which our staff add whenever they identify attacks which haven't yet been included in the commercial pack.