ModSecurity is a plugin for Apache web servers that acts as a web application layer firewall. It's employed to stop attacks against script-driven websites by using security rules which contain particular expressions. That way, the firewall can prevent hacking and spamming attempts and protect even websites which are not updated regularly. As an example, numerous unsuccessful login attempts to a script admin area or attempts to execute a certain file with the objective to get access to the script will trigger particular rules, so ModSecurity shall block out these activities the minute it discovers them. The firewall is quite efficient since it screens the whole HTTP traffic to a website in real time without slowing it down, so it could stop an attack before any harm is done. It also keeps an incredibly thorough log of all attack attempts which includes more information than standard Apache logs, so you could later check out the data and take further measures to boost the security of your sites if required.

ModSecurity in Shared Hosting

ModSecurity is available with each and every shared hosting plan which we offer and it's turned on by default for any domain or subdomain which you include via your Hepsia CP. In case it interferes with any of your applications or you'd like to disable it for any reason, you will be able to do that through the ModSecurity section of Hepsia with just a mouse click. You could also use a passive mode, so the firewall will discover potential attacks and maintain a log, but will not take any action. You could view comprehensive logs in the very same section, including the IP where the attack came from, what precisely the attacker attempted to do and at what time, what ModSecurity did, etc. For max security of our customers we use a collection of commercial firewall rules blended with custom ones which are provided by our system admins.

ModSecurity in Dedicated Web Hosting

If you decide to host your Internet sites on a dedicated server with the Hepsia CP, your web applications shall be secured immediately since ModSecurity is available with all Hepsia-based packages. You'll be able to regulate the firewall with ease and if required, you will be able to turn it off or activate its passive mode when it'll only keep a log of what is going on without taking any action to stop potential attacks. The logs that you'll find within the very same section of the CP are quite detailed and feature info about the attacker IP address, what site and file were attacked and in what way, what rule the firewall employed to stop the intrusion, and so on. This information will allow you to take measures and improve the protection of your Internet sites even more. To be on the safe side, we employ not just commercial rules, but also custom-made ones that our admins add whenever they identify attacks that have not yet been included in the commercial pack.