ModSecurity is a plugin for Apache web servers that functions as a web app layer firewall. It is employed to prevent attacks against script-driven websites through the use of security rules that contain specific expressions. That way, the firewall can block hacking and spamming attempts and shield even Internet sites which aren't updated on a regular basis. For example, multiple failed login attempts to a script administrative area or attempts to execute a particular file with the intention to get access to the script shall trigger specific rules, so ModSecurity will block out these activities the second it identifies them. The firewall is extremely efficient as it monitors the whole HTTP traffic to an Internet site in real time without slowing it down, so it could stop an attack before any harm is done. It also maintains an incredibly detailed log of all attack attempts that includes more info than traditional Apache logs, so you can later check out the data and take additional measures to increase the security of your websites if needed.

ModSecurity in Shared Hosting

ModSecurity is offered with each and every shared hosting solution which we provide and it's switched on by default for any domain or subdomain which you add through your Hepsia Control Panel. In the event that it disrupts any of your programs or you'd like to disable it for some reason, you will be able to accomplish that through the ModSecurity area of Hepsia with just a click. You may also activate a passive mode, so the firewall will detect possible attacks and keep a log, but won't take any action. You'll be able to view detailed logs in the exact same section, including the IP address where the attack originated from, what precisely the attacker attempted to do and at what time, what ModSecurity did, etcetera. For optimum security of our clients we use a set of commercial firewall rules combined with custom ones which are included by our system admins.

ModSecurity in Semi-dedicated Servers

ModSecurity is part of our semi-dedicated server packages and if you decide to host your websites with our company, there shall not be anything special you'll need to do since the firewall is switched on by default for all domains and subdomains which you add through your hosting Control Panel. If required, you'll be able to disable ModSecurity for a certain site or enable the so-called detection mode in which case the firewall will still operate and record info, but will not do anything to prevent possible attacks against your Internet sites. In depth logs will be readily available inside your CP and you'll be able to see what type of attacks occurred, what security rules were triggered and how the firewall dealt with the threats, what IP addresses the attacks came from, and so on. We use two sorts of rules on our servers - commercial ones from an organization that operates in the field of web security, and custom ones which our admins occasionally include to respond to newly identified risks promptly.

ModSecurity in Dedicated Servers

If you opt to host your sites on a dedicated server with the Hepsia CP, your web apps shall be protected straight away as ModSecurity is available with all Hepsia-based packages. You'll be able to regulate the firewall easily and if required, you will be able to turn it off or enable its passive mode when it shall only keep a log of what's going on without taking any action to prevent potential attacks. The logs which you will find within the very same section of the Control Panel are extremely detailed and contain data about the attacker IP address, what site and file were attacked and in what way, what rule the firewall used to stop the intrusion, and so on. This info will allow you to take measures and enhance the security of your Internet sites even more. To be on the safe side, we employ not just commercial rules, but also custom-made ones that our admins add every time they identify attacks that haven't yet been included in the commercial pack.