ModSecurity is a plugin for Apache web servers that acts as a web application layer firewall. It is used to prevent attacks towards script-driven Internet sites by using security rules that contain certain expressions. In this way, the firewall can block hacking and spamming attempts and shield even Internet sites which are not updated often. For example, a number of unsuccessful login attempts to a script admin area or attempts to execute a certain file with the objective to get access to the script shall trigger particular rules, so ModSecurity shall block out these activities the second it discovers them. The firewall is incredibly efficient because it screens the whole HTTP traffic to a site in real time without slowing it down, so it could prevent an attack before any harm is done. It also maintains an incredibly detailed log of all attack attempts which includes more information than standard Apache logs, so you could later analyze the data and take extra measures to improve the security of your Internet sites if needed.

ModSecurity in Shared Hosting

ModSecurity is offered with each shared hosting solution that we provide and it is activated by default for any domain or subdomain that you include via your Hepsia CP. In the event that it interferes with any of your programs or you'd like to disable it for some reason, you'll be able to do that through the ModSecurity area of Hepsia with simply a click. You may also enable a passive mode, so the firewall will detect potential attacks and keep a log, but shall not take any action. You could view comprehensive logs in the same section, including the IP where the attack originated from, what exactly the attacker attempted to do and at what time, what ModSecurity did, and so on. For max protection of our customers we use a group of commercial firewall rules blended with custom ones that are provided by our system administrators.

ModSecurity in Semi-dedicated Hosting

We have incorporated ModSecurity as a standard within all semi-dedicated hosting packages, so your web applications shall be protected as soon as you install them under any domain or subdomain. The Hepsia Control Panel which comes with the semi-dedicated accounts will permit you to switch on or turn off the firewall for any Internet site with a click. You'll also be able to activate a passive detection mode with which ModSecurity will maintain a log of possible attacks without actually stopping them. The comprehensive logs contain the nature of the attack and what ModSecurity response this attack initiated, where it originated from, and so on. The list of rules which we employ is frequently updated as to match any new threats that might appear on the Internet and it comes with both commercial rules that we get from a security company and custom-written ones that our administrators include in the event that they discover a threat which is not present in the commercial list yet.