ModSecurity is a plugin for Apache web servers that acts as a web app layer firewall. It is used to stop attacks towards script-driven sites by using security rules which contain particular expressions. This way, the firewall can prevent hacking and spamming attempts and preserve even Internet sites that aren't updated frequently. For example, numerous unsuccessful login attempts to a script administrative area or attempts to execute a particular file with the purpose to get access to the script will trigger specific rules, so ModSecurity will stop these activities the instant it discovers them. The firewall is quite efficient because it screens the whole HTTP traffic to a site in real time without slowing it down, so it can easily prevent an attack before any harm is done. It also maintains an exceptionally comprehensive log of all attack attempts which contains more information than typical Apache logs, so you can later analyze the data and take additional measures to enhance the security of your sites if required.

ModSecurity in Website Hosting

We offer ModSecurity with all website hosting plans, so your web apps shall be protected against harmful attacks. The firewall is switched on by default for all domains and subdomains, but if you'd like, you will be able to stop it via the respective area of your Hepsia Control Panel. You can also activate a detection mode, so ModSecurity will keep a log as intended, but won't take any action. The logs which you shall discover inside Hepsia are quite detailed and feature info about the nature of any attack, when it occurred and from what IP address, the firewall rule which was triggered, etcetera. We employ a range of commercial rules that are frequently updated, but sometimes our administrators add custom rules as well so as to better protect the sites hosted on our servers.

ModSecurity in Semi-dedicated Servers

We've integrated ModSecurity as a standard in all semi-dedicated server plans, so your web apps will be protected whenever you install them under any domain or subdomain. The Hepsia Control Panel that comes with the semi-dedicated accounts will allow you to switch on or disable the firewall for any website with a click. You shall also have the ability to turn on a passive detection mode with which ModSecurity will maintain a log of potential attacks without actually stopping them. The thorough logs contain the nature of the attack and what ModSecurity response this attack activated, where it came from, etcetera. The list of rules that we use is regularly updated as to match any new threats that may appear on the Internet and it features both commercial rules that we get from a security firm and custom-written ones which our administrators add in case they find a threat that's not present in the commercial list yet.

ModSecurity in Dedicated Servers

ModSecurity comes with all dedicated servers that are set up with our Hepsia CP and you'll not need to do anything specific on your end to use it because it is switched on by default each time you add a new domain or subdomain on your server. In the event that it interferes with any of your programs, you will be able to stop it through the respective area of Hepsia, or you could leave it operating in passive mode, so it shall identify attacks and will still maintain a log for them, but will not prevent them. You can analyze the logs later to determine what you can do to increase the security of your sites since you shall find info such as where an intrusion attempt originated from, what website was attacked and based upon what rule ModSecurity reacted, etc. The rules which we use are commercial, thus they are regularly updated by a security firm, but to be on the safe side, our staff also add custom rules every now and then as to deal with any new threats they have found.