ModSecurity is a plugin for Apache web servers which functions as a web application layer firewall. It's used to stop attacks toward script-driven Internet sites through the use of security rules which contain particular expressions. That way, the firewall can prevent hacking and spamming attempts and protect even websites that aren't updated frequently. For example, a number of unsuccessful login attempts to a script administrative area or attempts to execute a certain file with the intention to get access to the script will trigger particular rules, so ModSecurity will block these activities the second it discovers them. The firewall is incredibly efficient as it tracks the entire HTTP traffic to an Internet site in real time without slowing it down, so it can stop an attack before any damage is done. It furthermore keeps an incredibly thorough log of all attack attempts that features more info than traditional Apache logs, so you can later check out the data and take additional measures to improve the security of your sites if necessary.

ModSecurity in Shared Web Hosting

We offer ModSecurity with all shared web hosting plans, so your web applications shall be resistant to harmful attacks. The firewall is turned on as standard for all domains and subdomains, but if you'd like, you'll be able to stop it through the respective section of your Hepsia CP. You could also switch on a detection mode, so ModSecurity shall keep a log as intended, but will not take any action. The logs which you will find inside Hepsia are very detailed and include data about the nature of any attack, when it transpired and from what IP, the firewall rule which was triggered, etc. We employ a set of commercial rules which are constantly updated, but sometimes our administrators include custom rules as well in order to better protect the sites hosted on our servers.

ModSecurity in Semi-dedicated Hosting

All semi-dedicated hosting solutions that we offer come with ModSecurity and since the firewall is enabled by default, any Internet site you set up under a domain or a subdomain shall be protected immediately. An individual section in the Hepsia CP that comes with the semi-dedicated accounts is dedicated to ModSecurity and it shall permit you to stop and start the firewall for any site or switch on a detection mode. With the latter, ModSecurity shall not take any action, but it shall still identify possible attacks and will keep all info inside a log as if it were fully active. The logs can be found in the exact same section of the CP and they feature information about the IP where an attack came from, what its nature was, what rule ModSecurity applies to detect and stop it, etc. The security rules that we employ on our servers are a mix between commercial ones from a security firm and custom ones created by our system administrators. Consequently, we offer greater security for your web programs as we can protect them from attacks even before security businesses release updates for completely new threats.

ModSecurity in Dedicated Servers Hosting

ModSecurity is provided with all dedicated servers that are integrated with our Hepsia CP and you will not need to do anything specific on your end to employ it since it's turned on by default each time you include a new domain or subdomain on your hosting server. In case it disrupts some of your programs, you'll be able to stop it via the respective part of Hepsia, or you could leave it working in passive mode, so it shall recognize attacks and shall still keep a log for them, but won't block them. You can examine the logs later to determine what you can do to increase the protection of your websites as you'll find details such as where an intrusion attempt came from, what site was attacked and in accordance with what rule ModSecurity responded, and so on. The rules we employ are commercial, thus they are constantly updated by a security company, but to be on the safe side, our administrators also include custom rules every now and then in order to deal with any new threats they have found.