ModSecurity is a plugin for Apache web servers that acts as a web application layer firewall. It is used to prevent attacks towards script-driven Internet sites by using security rules that contain certain expressions. In this way, the firewall can block hacking and spamming attempts and shield even Internet sites which are not updated often. For example, a number of unsuccessful login attempts to a script admin area or attempts to execute a certain file with the objective to get access to the script shall trigger particular rules, so ModSecurity shall block out these activities the second it discovers them. The firewall is incredibly efficient because it screens the whole HTTP traffic to a site in real time without slowing it down, so it could prevent an attack before any harm is done. It also maintains an incredibly detailed log of all attack attempts which includes more information than standard Apache logs, so you could later analyze the data and take extra measures to improve the security of your Internet sites if needed.

ModSecurity in Shared Hosting

ModSecurity is offered with each shared hosting solution that we provide and it is activated by default for any domain or subdomain that you include via your Hepsia CP. In the event that it interferes with any of your programs or you'd like to disable it for some reason, you'll be able to do that through the ModSecurity area of Hepsia with simply a click. You may also enable a passive mode, so the firewall will detect potential attacks and keep a log, but shall not take any action. You could view comprehensive logs in the same section, including the IP where the attack originated from, what exactly the attacker attempted to do and at what time, what ModSecurity did, and so on. For max protection of our customers we use a group of commercial firewall rules blended with custom ones that are provided by our system administrators.

ModSecurity in Semi-dedicated Hosting

We have incorporated ModSecurity as a standard within all semi-dedicated hosting packages, so your web applications shall be protected as soon as you install them under any domain or subdomain. The Hepsia Control Panel which comes with the semi-dedicated accounts will permit you to switch on or turn off the firewall for any Internet site with a click. You'll also be able to activate a passive detection mode with which ModSecurity will maintain a log of possible attacks without actually stopping them. The comprehensive logs contain the nature of the attack and what ModSecurity response this attack initiated, where it originated from, and so on. The list of rules which we employ is frequently updated as to match any new threats that might appear on the Internet and it comes with both commercial rules that we get from a security company and custom-written ones that our administrators include in the event that they discover a threat which is not present in the commercial list yet.

ModSecurity in Dedicated Hosting

If you decide to host your Internet sites on a dedicated server with the Hepsia CP, your web apps shall be secured immediately since ModSecurity is available with all Hepsia-based plans. You will be able to regulate the firewall with ease and if necessary, you will be able to turn it off or activate its passive mode when it'll only maintain a log of what's taking place without taking any action to stop potential attacks. The logs that you can find inside the very same section of the Control Panel are really detailed and feature details about the attacker IP address, what website and file were attacked and in what ways, what rule the firewall used to stop the intrusion, etcetera. This data shall enable you to take measures and increase the security of your websites even more. To be on the safe side, we use not only commercial rules, but also custom-made ones that our staff add whenever they identify attacks that haven't yet been included inside the commercial pack.