ModSecurity is a plugin for Apache web servers which functions as a web app layer firewall. It's used to prevent attacks towards script-driven websites by using security rules that contain certain expressions. That way, the firewall can stop hacking and spamming attempts and protect even Internet sites which aren't updated often. For example, multiple unsuccessful login attempts to a script admin area or attempts to execute a specific file with the objective to get access to the script will trigger specific rules, so ModSecurity shall block these activities the moment it identifies them. The firewall is quite efficient because it screens the entire HTTP traffic to a website in real time without slowing it down, so it can stop an attack before any damage is done. It additionally maintains an incredibly thorough log of all attack attempts that contains more information than typical Apache logs, so you can later examine the data and take further measures to enhance the security of your websites if needed.

ModSecurity in Shared Website Hosting

ModSecurity comes standard with all shared website hosting plans which we provide and it will be switched on automatically for any domain or subdomain that you add/create within your Hepsia hosting Control Panel. The firewall has 3 different modes, so you'll be able to switch on and disable it with a mouse click or set it to detection mode, so it shall maintain a log of all attacks, but it will not do anything to prevent them. The log for each of your Internet sites will feature detailed info including the nature of the attack, where it originated from, what action was taken by ModSecurity, etc. The firewall rules we use are frequently updated and include both commercial ones that we get from a third-party security business and custom ones which our system admins add in the event that they detect a new kind of attacks. This way, the sites you host here shall be a lot more secure without any action expected on your end.

ModSecurity in Semi-dedicated Servers

ModSecurity is a part of our semi-dedicated server solutions and if you decide to host your sites with us, there will not be anything special you'll need to do given that the firewall is switched on by default for all domains and subdomains that you add via your hosting CP. If required, you can disable ModSecurity for a given website or turn on the so-called detection mode in which case the firewall shall still function and record information, but shall not do anything to prevent possible attacks against your sites. Detailed logs will be accessible in your Control Panel and you shall be able to see what type of attacks took place, what security rules were triggered and how the firewall dealt with the threats, what IP addresses the attacks came from, and so on. We use two sorts of rules on our servers - commercial ones from a business which operates in the field of web security, and custom ones which our admins sometimes include to respond to newly discovered risks promptly.

ModSecurity in Dedicated Servers

ModSecurity comes with all dedicated servers which are integrated with our Hepsia Control Panel and you'll not need to do anything specific on your end to employ it as it is enabled by default each time you add a new domain or subdomain on your web server. In the event that it disrupts any of your programs, you will be able to stop it through the respective part of Hepsia, or you could leave it operating in passive mode, so it'll identify attacks and shall still maintain a log for them, but won't block them. You can analyze the logs later to find out what you can do to boost the protection of your websites as you'll find info such as where an intrusion attempt originated from, what site was attacked and based on what rule ModSecurity responded, etcetera. The rules that we employ are commercial, thus they're frequently updated by a security provider, but to be on the safe side, our staff also include custom rules every now and then as to respond to any new threats they have found.