ModSecurity is a plugin for Apache web servers that functions as a web application layer firewall. It is used to prevent attacks towards script-driven websites by using security rules which contain particular expressions. This way, the firewall can stop hacking and spamming attempts and shield even Internet sites that are not updated frequently. As an example, multiple unsuccessful login attempts to a script admin area or attempts to execute a certain file with the intention to get access to the script shall trigger certain rules, so ModSecurity will stop these activities the second it identifies them. The firewall is quite efficient because it tracks the entire HTTP traffic to a website in real time without slowing it down, so it can easily prevent an attack before any damage is done. It additionally keeps an exceptionally thorough log of all attack attempts which includes more info than traditional Apache logs, so you could later check out the data and take further measures to enhance the security of your Internet sites if necessary.

ModSecurity in Web Hosting

ModSecurity can be found with each web hosting package that we offer and it is turned on by default for any domain or subdomain which you include through your Hepsia CP. In the event that it interferes with any of your programs or you'd like to disable it for whatever reason, you'll be able to do that through the ModSecurity area of Hepsia with only a mouse click. You can also enable a passive mode, so the firewall will detect potential attacks and keep a log, but shall not take any action. You could view detailed logs in the very same section, including the IP where the attack came from, what precisely the attacker tried to do and at what time, what ModSecurity did, and so forth. For max security of our clients we use a collection of commercial firewall rules combined with custom ones that are included by our system administrators.

ModSecurity in Semi-dedicated Servers

We have incorporated ModSecurity as a standard inside all semi-dedicated server packages, so your web applications shall be protected as soon as you set them up under any domain or subdomain. The Hepsia CP that is included with the semi-dedicated accounts shall permit you to enable or disable the firewall for any website with a mouse click. You will also have the ability to switch on a passive detection mode in which ModSecurity will keep a log of possible attacks without actually preventing them. The comprehensive logs contain the nature of the attack and what ModSecurity response this attack initiated, where it originated from, and so forth. The list of rules we employ is regularly updated in order to match any new risks which may appear on the Internet and it features both commercial rules that we get from a security business and custom-written ones which our administrators include if they discover a threat that is not present in the commercial list yet.

ModSecurity in Dedicated Servers

If you decide to host your Internet sites on a dedicated server with the Hepsia Control Panel, your web applications shall be secured immediately because ModSecurity is provided with all Hepsia-based solutions. You will be able to manage the firewall with ease and if necessary, you will be able to turn it off or activate its passive mode when it will only keep a log of what's occurring without taking any action to stop potential attacks. The logs which you can find within the very same section of the CP are extremely detailed and contain data about the attacker IP address, what site and file were attacked and in what way, what rule the firewall employed to stop the intrusion, and so on. This data shall enable you to take measures and improve the protection of your sites even more. To be on the safe side, we employ not just commercial rules, but also custom-made ones which our staff include every time they detect attacks which have not yet been included within the commercial pack.