ModSecurity is a plugin for Apache web servers which acts as a web application layer firewall. It is used to prevent attacks toward script-driven websites by employing security rules which contain specific expressions. In this way, the firewall can stop hacking and spamming attempts and preserve even websites which aren't updated regularly. For example, several failed login attempts to a script administrative area or attempts to execute a certain file with the objective to get access to the script shall trigger specific rules, so ModSecurity shall block these activities the moment it detects them. The firewall is very efficient since it screens the entire HTTP traffic to a website in real time without slowing it down, so it could stop an attack before any harm is done. It furthermore keeps an incredibly comprehensive log of all attack attempts which features more information than standard Apache logs, so you can later analyze the data and take further measures to improve the security of your Internet sites if needed.

ModSecurity in Shared Hosting

ModSecurity comes by default with all shared hosting packages that we offer and it'll be turned on automatically for any domain or subdomain that you add/create in your Hepsia hosting CP. The firewall has three different modes, so you'll be able to switch on and disable it with just a click or set it to detection mode, so it will maintain a log of all attacks, but it'll not do anything to stop them. The log for each of your Internet sites will contain in-depth information which includes the nature of the attack, where it came from, what action was taken by ModSecurity, and so forth. The firewall rules that we use are frequently updated and comprise of both commercial ones that we get from a third-party security company and custom ones that our system admins add in the event that they detect a new sort of attacks. In this way, the Internet sites you host here will be a lot more secure without any action expected on your end.

ModSecurity in Semi-dedicated Hosting

ModSecurity is a part of our semi-dedicated hosting packages and if you opt to host your sites with us, there shall not be anything special you will have to do since the firewall is switched on by default for all domains and subdomains that you include via your hosting CP. If needed, you could disable ModSecurity for a particular website or activate the so-called detection mode in which case the firewall shall still work and record data, but shall not do anything to stop possible attacks on your sites. Detailed logs shall be available inside your Control Panel and you will be able to see what sort of attacks occurred, what security rules were triggered and how the firewall handled the threats, what IP addresses the attacks came from, etcetera. We employ two types of rules on our servers - commercial ones from a company which operates in the field of web security, and custom ones that our admins often include to respond to newly identified risks on time.

ModSecurity in Dedicated Servers Hosting

ModSecurity is included with all dedicated servers which are integrated with our Hepsia CP and you will not have to do anything specific on your end to use it because it is turned on by default whenever you add a new domain or subdomain on your web server. In case it interferes with any of your programs, you will be able to stop it through the respective part of Hepsia, or you may leave it in passive mode, so it'll detect attacks and shall still keep a log for them, but will not block them. You could examine the logs later to determine what you can do to improve the protection of your sites since you'll find information such as where an intrusion attempt originated from, what site was attacked and based on what rule ModSecurity reacted, and so forth. The rules we use are commercial, therefore they're frequently updated by a security firm, but to be on the safe side, our administrators also add custom rules once in a while in order to respond to any new threats they have found.