ModSecurity is a plugin for Apache web servers which functions as a web app layer firewall. It is used to stop attacks against script-driven websites by employing security rules which contain specific expressions. In this way, the firewall can block hacking and spamming attempts and preserve even Internet sites that are not updated frequently. For example, numerous unsuccessful login attempts to a script administrative area or attempts to execute a particular file with the objective to get access to the script shall trigger certain rules, so ModSecurity shall block these activities the instant it discovers them. The firewall is quite efficient since it monitors the entire HTTP traffic to an Internet site in real time without slowing it down, so it could stop an attack before any harm is done. It additionally maintains an incredibly comprehensive log of all attack attempts which features more info than standard Apache logs, so you could later examine the data and take additional measures to boost the security of your sites if required.

ModSecurity in Web Hosting

ModSecurity comes by default with all web hosting plans that we supply and it'll be turned on automatically for any domain or subdomain you add/create inside your Hepsia hosting Control Panel. The firewall has three different modes, so you can switch on and disable it with simply a click or set it to detection mode, so it'll maintain a log of all attacks, but it shall not do anything to stop them. The log for each of your websites will contain in-depth information which includes the nature of the attack, where it came from, what action was taken by ModSecurity, etcetera. The firewall rules that we use are constantly updated and consist of both commercial ones we get from a third-party security firm and custom ones our system administrators include in case that they detect a new kind of attacks. That way, the Internet sites you host here shall be much more secure without any action needed on your end.

ModSecurity in Semi-dedicated Servers

All semi-dedicated server packages that we offer include ModSecurity and since the firewall is switched on by default, any website that you create under a domain or a subdomain shall be secured straight away. An independent section in the Hepsia CP that comes with the semi-dedicated accounts is dedicated to ModSecurity and it shall enable you to stop and start the firewall for any Internet site or activate a detection mode. With the last option, ModSecurity shall not take any action, but it will still identify possible attacks and will keep all information inside a log as if it were fully active. The logs can be found inside the very same section of the CP and they include info about the IP where an attack came from, what its nature was, what rule ModSecurity applies to identify and stop it, and so forth. The security rules we employ on our web servers are a mix of commercial ones from a security company and custom ones developed by our system admins. Consequently, we offer greater security for your web applications as we can protect them from attacks even before security businesses release updates for completely new threats.

ModSecurity in Dedicated Servers

All of our dedicated servers that are installed with the Hepsia hosting CP come with ModSecurity, so any application that you upload or install will be properly secured from the very beginning and you will not need to bother about common attacks or vulnerabilities. An individual section in Hepsia will permit you to start or stop the firewall for every domain or subdomain, or switch on a detection mode so that it records details about intrusions, but does not take actions to prevent them. What you will see in the logs can help you to secure your websites better - the IP address an attack came from, what website was attacked as well as how, what ModSecurity rule was triggered, and so on. With this information, you could see whether an Internet site needs an update, if you should block IPs from accessing your server, and so forth. On top of the third-party commercial security rules for ModSecurity we use, our administrators include custom ones too whenever they come across a new threat which is not yet included in the commercial bundle.