ModSecurity is a plugin for Apache web servers which functions as a web app layer firewall. It is used to stop attacks towards script-driven Internet sites by employing security rules that contain specific expressions. In this way, the firewall can block hacking and spamming attempts and shield even Internet sites that aren't updated regularly. For example, a number of unsuccessful login attempts to a script administrator area or attempts to execute a certain file with the objective to get access to the script shall trigger particular rules, so ModSecurity shall block out these activities the second it identifies them. The firewall is very efficient since it monitors the entire HTTP traffic to a site in real time without slowing it down, so it can easily stop an attack before any harm is done. It furthermore maintains a very detailed log of all attack attempts which features more information than traditional Apache logs, so you can later analyze the data and take additional measures to increase the security of your sites if necessary.

ModSecurity in Website Hosting

ModSecurity can be found with each and every website hosting solution that we offer and it is turned on by default for any domain or subdomain which you include via your Hepsia CP. In the event that it disrupts any of your applications or you would like to disable it for any reason, you shall be able to achieve that through the ModSecurity section of Hepsia with merely a mouse click. You can also enable a passive mode, so the firewall will discover possible attacks and keep a log, but shall not take any action. You could view extensive logs in the very same section, including the IP where the attack originated from, exactly what the attacker attempted to do and at what time, what ModSecurity did, and so forth. For maximum protection of our customers we use a collection of commercial firewall rules mixed with custom ones that are provided by our system admins.

ModSecurity in Dedicated Web Hosting

When you decide to host your websites on a dedicated server with the Hepsia Control Panel, your web applications will be secured right away since ModSecurity is provided with all Hepsia-based solutions. You shall be able to regulate the firewall without difficulty and if necessary, you will be able to turn it off or enable its passive mode when it'll only maintain a log of what's going on without taking any action to stop potential attacks. The logs which you can find in the same section of the Control Panel are very detailed and feature details about the attacker IP address, what site and file were attacked and in what way, what rule the firewall employed to stop the intrusion, and so forth. This data will allow you to take measures and enhance the security of your websites even more. To be on the safe side, we use not only commercial rules, but also custom-made ones that our administrators include whenever they recognize attacks that have not yet been included inside the commercial pack.