ModSecurity is a plugin for Apache web servers that acts as a web application layer firewall. It is used to prevent attacks against script-driven websites by using security rules that contain particular expressions. That way, the firewall can block hacking and spamming attempts and protect even sites which are not updated on a regular basis. As an example, multiple unsuccessful login attempts to a script admin area or attempts to execute a certain file with the objective to get access to the script shall trigger specific rules, so ModSecurity will block out these activities the instant it identifies them. The firewall is extremely efficient because it screens the whole HTTP traffic to an Internet site in real time without slowing it down, so it could prevent an attack before any harm is done. It additionally maintains a very comprehensive log of all attack attempts which contains more info than standard Apache logs, so you can later analyze the data and take additional measures to enhance the security of your sites if necessary.

ModSecurity in Cloud Website Hosting

We provide ModSecurity with all cloud website hosting plans, so your Internet apps shall be shielded from malicious attacks. The firewall is activated as standard for all domains and subdomains, but in case you would like, you'll be able to stop it via the respective part of your Hepsia CP. You'll be able to also switch on a detection mode, so ModSecurity shall keep a log as intended, but will not take any action. The logs that you shall discover in Hepsia are very detailed and offer information about the nature of any attack, when it took place and from what IP, the firewall rule which was triggered, etc. We use a set of commercial rules which are constantly updated, but sometimes our administrators include custom rules as well so as to better protect the websites hosted on our servers.

ModSecurity in Dedicated Web Hosting

ModSecurity comes with all dedicated servers which are set up with our Hepsia Control Panel and you will not need to do anything specific on your end to use it because it's turned on by default each time you include a new domain or subdomain on your server. In the event that it disrupts any of your applications, you will be able to stop it via the respective part of Hepsia, or you can leave it operating in passive mode, so it'll recognize attacks and will still maintain a log for them, but won't block them. You can look at the logs later to learn what you can do to boost the protection of your websites since you will find info such as where an intrusion attempt originated from, what site was attacked and in accordance with what rule ModSecurity reacted, and so on. The rules we employ are commercial, hence they are regularly updated by a security provider, but to be on the safe side, our administrators also add custom rules once in a while in order to react to any new threats they have found.