ModSecurity is a plugin for Apache web servers which functions as a web application layer firewall. It is employed to prevent attacks towards script-driven Internet sites by using security rules which contain certain expressions. This way, the firewall can stop hacking and spamming attempts and preserve even sites that aren't updated frequently. For example, several failed login attempts to a script administrative area or attempts to execute a certain file with the purpose to get access to the script will trigger certain rules, so ModSecurity will stop these activities the second it discovers them. The firewall is quite efficient since it monitors the whole HTTP traffic to a website in real time without slowing it down, so it can prevent an attack before any harm is done. It also keeps a very comprehensive log of all attack attempts that includes more information than typical Apache logs, so you could later analyze the data and take additional measures to enhance the security of your websites if necessary.

ModSecurity in Shared Hosting

We provide ModSecurity with all shared hosting packages, so your Internet applications will be shielded from malicious attacks. The firewall is activated by default for all domains and subdomains, but if you would like, you'll be able to stop it via the respective section of your Hepsia Control Panel. You can also activate a detection mode, so ModSecurity shall keep a log as intended, but won't take any action. The logs that you shall discover inside Hepsia are incredibly detailed and feature information about the nature of any attack, when it occurred and from what IP address, the firewall rule which was triggered, and so on. We use a group of commercial rules that are regularly updated, but sometimes our administrators include custom rules as well in order to efficiently protect the websites hosted on our machines.

ModSecurity in Dedicated Web Hosting

When you opt to host your sites on a dedicated server with the Hepsia Control Panel, your web programs will be secured immediately since ModSecurity is available with all Hepsia-based packages. You will be able to control the firewall easily and if necessary, you shall be able to turn it off or switch on its passive mode when it will only maintain a log of what's going on without taking any action to stop possible attacks. The logs that you can find in the very same section of the Control Panel are really detailed and feature info about the attacker IP address, what website and file were attacked and in what ways, what rule the firewall employed to stop the intrusion, and so on. This data shall permit you to take measures and improve the security of your Internet sites even more. To be on the safe side, we employ not only commercial rules, but also custom-made ones which our admins include whenever they identify attacks that have not yet been included within the commercial pack.