ModSecurity is a plugin for Apache web servers which functions as a web app layer firewall. It's used to prevent attacks toward script-driven Internet sites by using security rules which contain specific expressions. This way, the firewall can stop hacking and spamming attempts and preserve even websites that are not updated on a regular basis. For example, multiple unsuccessful login attempts to a script administrator area or attempts to execute a specific file with the purpose to get access to the script will trigger particular rules, so ModSecurity will block out these activities the second it identifies them. The firewall is extremely efficient as it screens the whole HTTP traffic to a site in real time without slowing it down, so it can easily prevent an attack before any harm is done. It furthermore maintains a very comprehensive log of all attack attempts that includes more information than typical Apache logs, so you can later examine the data and take additional measures to improve the security of your sites if needed.

ModSecurity in Cloud Hosting

ModSecurity comes by default with all cloud hosting packages which we supply and it shall be activated automatically for any domain or subdomain that you add/create inside your Hepsia hosting CP. The firewall has three different modes, so you could activate and deactivate it with a mouse click or set it to detection mode, so it'll maintain a log of all attacks, but it'll not do anything to prevent them. The log for any of your websites will feature detailed info such as the nature of the attack, where it originated from, what action was taken by ModSecurity, and so forth. The firewall rules which we use are regularly updated and consist of both commercial ones that we get from a third-party security company and custom ones that our system admins add in the event that they detect a new sort of attacks. This way, the websites you host here shall be a lot more protected with no action required on your end.

ModSecurity in Dedicated Servers

ModSecurity comes with all dedicated servers that are integrated with our Hepsia CP and you won't need to do anything specific on your end to use it since it is turned on by default whenever you include a new domain or subdomain on your hosting server. In the event that it interferes with some of your applications, you will be able to stop it via the respective part of Hepsia, or you could leave it operating in passive mode, so it'll detect attacks and shall still keep a log for them, but shall not prevent them. You may look at the logs later to learn what you can do to boost the security of your Internet sites as you'll find info such as where an intrusion attempt came from, what Internet site was attacked and based upon what rule ModSecurity responded, etc. The rules that we employ are commercial, hence they're frequently updated by a security company, but to be on the safe side, our staff also include custom rules from time to time as to respond to any new threats they have identified.