ModSecurity is a plugin for Apache web servers which functions as a web app layer firewall. It's used to prevent attacks toward script-driven Internet sites by employing security rules which contain specific expressions. In this way, the firewall can prevent hacking and spamming attempts and preserve even websites which aren't updated often. For example, numerous unsuccessful login attempts to a script administrator area or attempts to execute a specific file with the purpose to get access to the script will trigger certain rules, so ModSecurity will block out these activities the minute it discovers them. The firewall is incredibly efficient because it tracks the entire HTTP traffic to a site in real time without slowing it down, so it will be able to stop an attack before any harm is done. It also keeps an exceptionally detailed log of all attack attempts that includes more info than conventional Apache logs, so you could later analyze the data and take extra measures to improve the security of your websites if required.

ModSecurity in Website Hosting

ModSecurity is provided with all website hosting web servers, so when you opt to host your Internet sites with our organization, they shall be resistant to a wide range of attacks. The firewall is turned on by default for all domains and subdomains, so there will be nothing you'll have to do on your end. You'll be able to stop ModSecurity for any website if needed, or to switch on a detection mode, so all activity shall be recorded, but the firewall won't take any real action. You will be able to view detailed logs from your Hepsia Control Panel including the IP address where the attack came from, what the attacker wished to do and how ModSecurity addressed the threat. As we take the security of our customers' sites very seriously, we use a selection of commercial rules which we get from one of the top firms that maintain such rules. Our administrators also include custom rules to make certain that your websites shall be resistant to as many threats as possible.

ModSecurity in Dedicated Hosting

All of our dedicated servers that are installed with the Hepsia hosting Control Panel feature ModSecurity, so any program which you upload or install will be properly secured from the very beginning and you won't have to stress about common attacks or vulnerabilities. An individual section in Hepsia will allow you to start or stop the firewall for each domain or subdomain, or turn on a detection mode so that it records information about intrusions, but does not take actions to stop them. What you'll see in the logs shall allow you to to secure your Internet sites better - the IP an attack came from, what site was attacked and in what way, what ModSecurity rule was triggered, etc. With this information, you can see whether a site needs an update, whether you need to block IPs from accessing your hosting server, and so on. On top of the third-party commercial security rules for ModSecurity which we use, our admins include custom ones as well when they find a new threat which is not yet included in the commercial bundle.