ModSecurity is a plugin for Apache web servers which functions as a web app layer firewall. It is used to stop attacks towards script-driven websites through the use of security rules that contain specific expressions. This way, the firewall can stop hacking and spamming attempts and shield even sites which aren't updated frequently. For instance, several unsuccessful login attempts to a script admin area or attempts to execute a particular file with the purpose to get access to the script will trigger particular rules, so ModSecurity shall block out these activities the instant it discovers them. The firewall is quite efficient as it screens the entire HTTP traffic to an Internet site in real time without slowing it down, so it can prevent an attack before any damage is done. It also keeps an exceptionally comprehensive log of all attack attempts which includes more information than conventional Apache logs, so you could later check out the data and take extra measures to enhance the security of your Internet sites if necessary.

ModSecurity in Cloud Web Hosting

ModSecurity comes standard with all cloud web hosting plans which we supply and it shall be switched on automatically for any domain or subdomain which you add/create in your Hepsia hosting CP. The firewall has 3 different modes, so you could switch on and deactivate it with simply a click or set it to detection mode, so it shall keep a log of all attacks, but it will not do anything to stop them. The log for each of your websites will feature detailed information such as the nature of the attack, where it originated from, what action was taken by ModSecurity, and so forth. The firewall rules we use are regularly updated and consist of both commercial ones we get from a third-party security business and custom ones that our system administrators add in the event that they detect a new sort of attacks. That way, the websites you host here shall be much more secure with no action expected on your end.

ModSecurity in Semi-dedicated Servers

ModSecurity is part of our semi-dedicated server packages and if you opt to host your Internet sites with our company, there won't be anything special you'll need to do since the firewall is turned on by default for all domains and subdomains which you include using your hosting Control Panel. If required, you can disable ModSecurity for a particular site or turn on the so-called detection mode in which case the firewall will still function and record info, but won't do anything to stop possible attacks on your sites. Comprehensive logs shall be accessible within your CP and you'll be able to see what sort of attacks took place, what security rules were triggered and how the firewall dealt with the threats, what IP addresses the attacks originated from, etc. We use 2 sorts of rules on our servers - commercial ones from an organization that operates in the field of web security, and custom ones that our administrators often include to respond to newly identified threats in a timely manner.

ModSecurity in Dedicated Servers

ModSecurity is included with all dedicated servers which are set up with our Hepsia CP and you won't have to do anything specific on your end to use it because it's enabled by default each time you add a new domain or subdomain on your hosting server. In case it disrupts any of your programs, you shall be able to stop it through the respective section of Hepsia, or you may leave it working in passive mode, so it'll detect attacks and will still keep a log for them, but shall not stop them. You can analyze the logs later to learn what you can do to improve the safety of your websites since you will find info such as where an intrusion attempt originated from, what website was attacked and based on what rule ModSecurity responded, and so forth. The rules we employ are commercial, therefore they are regularly updated by a security company, but to be on the safe side, our admins also add custom rules every now and then as to deal with any new threats they have found.