ModSecurity is a plugin for Apache web servers that functions as a web application layer firewall. It is employed to prevent attacks towards script-driven Internet sites through the use of security rules that contain particular expressions. This way, the firewall can prevent hacking and spamming attempts and preserve even Internet sites that are not updated regularly. For instance, a number of failed login attempts to a script administrative area or attempts to execute a certain file with the intention to get access to the script will trigger specific rules, so ModSecurity will block out these activities the minute it detects them. The firewall is extremely efficient since it tracks the entire HTTP traffic to a website in real time without slowing it down, so it will be able to prevent an attack before any damage is done. It also keeps a very comprehensive log of all attack attempts that contains more information than standard Apache logs, so you could later examine the data and take extra measures to boost the security of your Internet sites if necessary.

ModSecurity in Shared Web Hosting

ModSecurity can be found with each shared web hosting plan that we provide and it is activated by default for every domain or subdomain which you include via your Hepsia CP. In case it interferes with any of your applications or you'd like to disable it for some reason, you'll be able to do this through the ModSecurity section of Hepsia with only a mouse click. You could also activate a passive mode, so the firewall will detect potential attacks and keep a log, but won't take any action. You can see detailed logs in the exact same section, including the IP where the attack came from, exactly what the attacker aimed to do and at what time, what ModSecurity did, etcetera. For maximum protection of our clients we use a set of commercial firewall rules combined with custom ones that are provided by our system administrators.

ModSecurity in Semi-dedicated Hosting

All semi-dedicated hosting plans that we offer come with ModSecurity and since the firewall is switched on by default, any Internet site that you create under a domain or a subdomain shall be secured right away. A separate section within the Hepsia CP that comes with the semi-dedicated accounts is devoted to ModSecurity and it shall enable you to stop and start the firewall for any website or enable a detection mode. With the latter, ModSecurity will not take any action, but it'll still identify possible attacks and shall keep all data in a log as if it were fully active. The logs could be found within the exact same section of the Control Panel and they feature information about the IP where an attack originated from, what its nature was, what rule ModSecurity applies to identify and stop it, etc. The security rules which we use on our web servers are a mix between commercial ones from a security business and custom ones made by our system admins. Therefore, we offer greater security for your web applications as we can protect them from attacks even before security firms release updates for completely new threats.

ModSecurity in Dedicated Hosting

When you opt to host your Internet sites on a dedicated server with the Hepsia Control Panel, your web apps shall be secured right away because ModSecurity is supplied with all Hepsia-based packages. You shall be able to control the firewall with ease and if required, you will be able to turn it off or activate its passive mode when it will only keep a log of what's taking place without taking any action to prevent potential attacks. The logs which you'll find inside the exact same section of the CP are really detailed and include data about the attacker IP address, what site and file were attacked and in what way, what rule the firewall used to prevent the intrusion, and so forth. This information will allow you to take measures and boost the security of your websites even more. To be on the safe side, we use not just commercial rules, but also custom-made ones that our staff include every time they recognize attacks that haven't yet been included within the commercial pack.