ModSecurity is a plugin for Apache web servers which acts as a web app layer firewall. It's employed to stop attacks against script-driven sites by using security rules which contain particular expressions. This way, the firewall can stop hacking and spamming attempts and shield even sites which are not updated frequently. For instance, several unsuccessful login attempts to a script admin area or attempts to execute a certain file with the purpose to get access to the script shall trigger certain rules, so ModSecurity will stop these activities the minute it identifies them. The firewall is extremely efficient since it tracks the whole HTTP traffic to a website in real time without slowing it down, so it could stop an attack before any harm is done. It furthermore keeps an exceptionally comprehensive log of all attack attempts that features more information than typical Apache logs, so you can later analyze the data and take additional measures to improve the security of your Internet sites if needed.

ModSecurity in Cloud Website Hosting

ModSecurity is offered with each cloud website hosting plan that we provide and it is switched on by default for any domain or subdomain which you include via your Hepsia Control Panel. In the event that it disrupts any of your applications or you'd like to disable it for whatever reason, you shall be able to accomplish that through the ModSecurity area of Hepsia with just a click. You could also use a passive mode, so the firewall will discover possible attacks and maintain a log, but won't take any action. You could view comprehensive logs in the same section, including the IP address where the attack originated from, what precisely the attacker aimed to do and at what time, what ModSecurity did, and so forth. For max security of our clients we use a collection of commercial firewall rules combined with custom ones which are added by our system admins.

ModSecurity in Semi-dedicated Hosting

Any web program which you install in your new semi-dedicated hosting account shall be protected by ModSecurity as the firewall comes with all our hosting plans and is turned on by default for any domain and subdomain you include or create via your Hepsia hosting CP. You will be able to manage ModSecurity via a dedicated area in Hepsia where not simply could you activate or deactivate it fully, but you can also activate a passive mode, so the firewall won't stop anything, but it'll still keep a record of possible attacks. This normally requires only a mouse click and you shall be able to see the logs no matter if ModSecurity is in active or passive mode through the same section - what the attack was and where it came from, how it was dealt with, and so on. The firewall uses two sets of rules on our machines - a commercial one that we get from a third-party web security company and a custom one which our admins update personally as to respond to newly discovered risks as quickly as possible.

ModSecurity in Dedicated Hosting

ModSecurity is provided with all dedicated servers that are set up with our Hepsia CP and you'll not have to do anything specific on your end to employ it since it is switched on by default every time you include a new domain or subdomain on your web server. In the event that it interferes with some of your applications, you'll be able to stop it via the respective section of Hepsia, or you could leave it operating in passive mode, so it shall identify attacks and will still maintain a log for them, but won't stop them. You can look at the logs later to learn what you can do to increase the safety of your Internet sites since you will find info such as where an intrusion attempt came from, what site was attacked and based upon what rule ModSecurity responded, and so on. The rules we use are commercial, thus they are constantly updated by a security provider, but to be on the safe side, our administrators also include custom rules occasionally as to react to any new threats they have discovered.