ModSecurity is a plugin for Apache web servers which acts as a web application layer firewall. It is employed to prevent attacks towards script-driven Internet sites through the use of security rules that contain specific expressions. That way, the firewall can block hacking and spamming attempts and preserve even sites that aren't updated frequently. As an example, numerous unsuccessful login attempts to a script administrator area or attempts to execute a particular file with the objective to get access to the script shall trigger specific rules, so ModSecurity will stop these activities the moment it detects them. The firewall is extremely efficient because it monitors the whole HTTP traffic to a site in real time without slowing it down, so it could prevent an attack before any damage is done. It furthermore keeps an exceptionally comprehensive log of all attack attempts which includes more information than conventional Apache logs, so you can later analyze the data and take extra measures to boost the security of your sites if needed.

ModSecurity in Cloud Hosting

ModSecurity is supplied with all cloud hosting servers, so when you decide to host your websites with our company, they shall be resistant to a wide range of attacks. The firewall is turned on as standard for all domains and subdomains, so there shall be nothing you'll have to do on your end. You will be able to stop ModSecurity for any Internet site if necessary, or to activate a detection mode, so all activity shall be recorded, but the firewall shall not take any real action. You'll be able to view specific logs via your Hepsia Control Panel including the IP where the attack originated from, what the attacker planned to do and how ModSecurity addressed the threat. As we take the security of our customers' sites seriously, we employ a selection of commercial rules that we get from one of the top firms that maintain this kind of rules. Our administrators also add custom rules to ensure that your sites will be shielded from as many threats as possible.

ModSecurity in Semi-dedicated Hosting

ModSecurity is part of our semi-dedicated hosting solutions and if you choose to host your Internet sites with our company, there shall not be anything special you'll need to do as the firewall is switched on by default for all domains and subdomains you include through your hosting Control Panel. If necessary, you'll be able to disable ModSecurity for a particular website or turn on the so-called detection mode in which case the firewall will still operate and record info, but shall not do anything to prevent possible attacks on your websites. Thorough logs shall be readily available inside your Control Panel and you'll be able to see what sort of attacks happened, what security rules were triggered and how the firewall addressed the threats, what Internet protocol addresses the attacks came from, etcetera. We employ 2 sorts of rules on our servers - commercial ones from a business which operates in the field of web security, and custom made ones that our administrators occasionally include to respond to newly identified risks on time.

ModSecurity in Dedicated Hosting

ModSecurity is provided with all dedicated servers that are set up with our Hepsia Control Panel and you will not have to do anything specific on your end to use it as it's turned on by default every time you add a new domain or subdomain on your web server. In case it disrupts some of your programs, you shall be able to stop it via the respective area of Hepsia, or you could leave it operating in passive mode, so it will detect attacks and will still keep a log for them, but will not prevent them. You could analyze the logs later to determine what you can do to enhance the protection of your Internet sites as you shall find info such as where an intrusion attempt came from, what Internet site was attacked and in accordance with what rule ModSecurity reacted, etc. The rules that we employ are commercial, hence they're regularly updated by a security company, but to be on the safe side, our admins also add custom rules every now and then as to deal with any new threats they have discovered.