ModSecurity is a plugin for Apache web servers that functions as a web application layer firewall. It is employed to stop attacks towards script-driven Internet sites through the use of security rules that contain specific expressions. That way, the firewall can prevent hacking and spamming attempts and protect even sites which aren't updated regularly. For instance, a number of unsuccessful login attempts to a script admin area or attempts to execute a specific file with the purpose to get access to the script will trigger particular rules, so ModSecurity will block out these activities the second it discovers them. The firewall is quite efficient since it tracks the entire HTTP traffic to a website in real time without slowing it down, so it could prevent an attack before any damage is done. It also keeps an exceptionally comprehensive log of all attack attempts that contains more information than standard Apache logs, so you can later examine the data and take further measures to boost the security of your websites if needed.

ModSecurity in Cloud Hosting

ModSecurity is supplied with all cloud hosting servers, so when you choose to host your websites with our organization, they will be protected against a wide array of attacks. The firewall is turned on as standard for all domains and subdomains, so there shall be nothing you will have to do on your end. You will be able to stop ModSecurity for any site if required, or to enable a detection mode, so that all activity shall be recorded, but the firewall won't take any real action. You will be able to view comprehensive logs through your Hepsia CP including the IP where the attack came from, what the attacker wished to do and how ModSecurity handled the threat. As we take the safety of our customers' sites seriously, we use a group of commercial rules which we get from one of the best firms that maintain such rules. Our administrators also add custom rules to ensure that your sites will be resistant to as many threats as possible.

ModSecurity in Semi-dedicated Servers

ModSecurity is part of our semi-dedicated server solutions and if you decide to host your sites with us, there will not be anything special you'll need to do as the firewall is turned on by default for all domains and subdomains that you add through your hosting CP. If necessary, you can disable ModSecurity for a particular Internet site or activate the so-called detection mode in which case the firewall will still operate and record data, but won't do anything to stop possible attacks on your Internet sites. Thorough logs shall be available inside your Control Panel and you shall be able to see which kind of attacks happened, what security rules were triggered and how the firewall addressed the threats, what Internet protocol addresses the attacks came from, etc. We use 2 types of rules on our servers - commercial ones from a business which operates in the field of web security, and custom ones which our admins sometimes include to respond to newly discovered risks on time.

ModSecurity in Dedicated Servers

All of our dedicated servers which are installed with the Hepsia hosting CP come with ModSecurity, so any program that you upload or install shall be properly secured from the very beginning and you'll not need to concern yourself with common attacks or vulnerabilities. An individual section within Hepsia will allow you to start or stop the firewall for each domain or subdomain, or switch on a detection mode so that it records information about intrusions, but doesn't take actions to stop them. What you will see in the logs can easily help you to secure your websites better - the IP address an attack came from, what website was attacked and exactly how, what ModSecurity rule was triggered, etc. With this info, you can see whether an Internet site needs an update, if you need to block IPs from accessing your hosting server, and so forth. Aside from the third-party commercial security rules for ModSecurity we use, our administrators add custom ones too when they discover a new threat that's not yet a part of the commercial bundle.