ModSecurity is a plugin for Apache web servers which functions as a web application layer firewall. It is used to stop attacks toward script-driven sites through the use of security rules which contain particular expressions. That way, the firewall can block hacking and spamming attempts and shield even sites which are not updated on a regular basis. For example, a number of unsuccessful login attempts to a script administrative area or attempts to execute a specific file with the intention to get access to the script shall trigger certain rules, so ModSecurity shall block these activities the instant it discovers them. The firewall is very efficient as it screens the whole HTTP traffic to a site in real time without slowing it down, so it can easily stop an attack before any harm is done. It also maintains an incredibly detailed log of all attack attempts that includes more information than conventional Apache logs, so you can later examine the data and take additional measures to enhance the security of your sites if necessary.

ModSecurity in Web Hosting

ModSecurity can be found with each web hosting solution that we provide and it's turned on by default for every domain or subdomain which you add via your Hepsia CP. In case it disrupts any of your apps or you would like to disable it for some reason, you'll be able to accomplish that through the ModSecurity area of Hepsia with only a click. You can also enable a passive mode, so the firewall will detect possible attacks and keep a log, but won't take any action. You could view extensive logs in the very same section, including the IP where the attack came from, exactly what the attacker tried to do and at what time, what ModSecurity did, etcetera. For maximum security of our customers we use a set of commercial firewall rules blended with custom ones that are included by our system admins.

ModSecurity in Dedicated Servers

All our dedicated servers that are set up with the Hepsia hosting Control Panel feature ModSecurity, so any application which you upload or set up will be secured from the very beginning and you will not need to stress about common attacks or vulnerabilities. An individual section inside Hepsia will enable you to start or stop the firewall for each domain or subdomain, or activate a detection mode so that it records information about intrusions, but doesn't take actions to prevent them. What you shall find in the logs can easily enable you to to secure your websites better - the IP an attack originated from, what website was attacked as well as how, what ModSecurity rule was triggered, and so on. With this information, you could see if a site needs an update, if you ought to block IPs from accessing your web server, and so forth. On top of the third-party commercial security rules for ModSecurity that we use, our administrators include custom ones as well whenever they discover a new threat that's not yet in the commercial bundle.