ModSecurity is a plugin for Apache web servers that acts as a web application layer firewall. It is employed to prevent attacks towards script-driven Internet sites by employing security rules which contain particular expressions. That way, the firewall can block hacking and spamming attempts and shield even Internet sites which are not updated on a regular basis. For instance, several unsuccessful login attempts to a script administrative area or attempts to execute a certain file with the intention to get access to the script will trigger certain rules, so ModSecurity shall block these activities the instant it identifies them. The firewall is very efficient because it screens the whole HTTP traffic to a website in real time without slowing it down, so it could stop an attack before any damage is done. It also keeps a very comprehensive log of all attack attempts which includes more information than traditional Apache logs, so you can later examine the data and take further measures to enhance the security of your websites if necessary.

ModSecurity in Shared Website Hosting

We offer ModSecurity with all shared website hosting solutions, so your Internet applications will be resistant to harmful attacks. The firewall is switched on as standard for all domains and subdomains, but if you'd like, you shall be able to stop it via the respective area of your Hepsia Control Panel. You could also switch on a detection mode, so ModSecurity shall keep a log as intended, but won't take any action. The logs which you will discover in Hepsia are quite detailed and include data about the nature of any attack, when it happened and from what IP address, the firewall rule which was triggered, and so on. We use a group of commercial rules which are constantly updated, but sometimes our administrators include custom rules as well so as to efficiently protect the sites hosted on our servers.

ModSecurity in Dedicated Web Hosting

If you opt to host your websites on a dedicated server with the Hepsia CP, your web applications will be protected straight away as ModSecurity is supplied with all Hepsia-based solutions. You will be able to regulate the firewall without difficulty and if needed, you will be able to turn it off or activate its passive mode when it shall only maintain a log of what's occurring without taking any action to stop possible attacks. The logs that you can find within the very same section of the CP are really detailed and feature information about the attacker IP address, what website and file were attacked and in what way, what rule the firewall employed to stop the intrusion, etc. This data shall permit you to take measures and enhance the protection of your sites even more. To be on the safe side, we employ not just commercial rules, but also custom-made ones which our staff add whenever they detect attacks which have not yet been included in the commercial pack.