ModSecurity is a plugin for Apache web servers that functions as a web application layer firewall. It's employed to stop attacks toward script-driven sites by using security rules that contain certain expressions. That way, the firewall can prevent hacking and spamming attempts and preserve even sites that are not updated frequently. As an example, numerous unsuccessful login attempts to a script administrator area or attempts to execute a particular file with the intention to get access to the script shall trigger certain rules, so ModSecurity will block these activities the moment it identifies them. The firewall is incredibly efficient since it screens the whole HTTP traffic to a website in real time without slowing it down, so it could stop an attack before any damage is done. It also maintains an exceptionally thorough log of all attack attempts which features more info than conventional Apache logs, so you could later analyze the data and take additional measures to improve the security of your sites if required.

ModSecurity in Shared Web Hosting

We provide ModSecurity with all shared web hosting plans, so your Internet applications shall be shielded from malicious attacks. The firewall is switched on by default for all domains and subdomains, but if you'd like, you shall be able to stop it via the respective part of your Hepsia Control Panel. You'll be able to also activate a detection mode, so ModSecurity will keep a log as intended, but shall not take any action. The logs that you shall find inside Hepsia are extremely detailed and include information about the nature of any attack, when it happened and from what IP address, the firewall rule that was triggered, etc. We employ a group of commercial rules that are regularly updated, but sometimes our admins include custom rules as well in order to efficiently protect the sites hosted on our servers.

ModSecurity in VPS Servers

ModSecurity is pre-installed on all VPS servers that are set up with the Hepsia hosting CP, so your web applications shall be secured from the instant your server is in a position. The firewall is activated by default for any domain or subdomain on the VPS, but if needed, you can deactivate it with a click of your mouse via the corresponding section of Hepsia. You may also set it to function in detection mode, so it'll maintain a comprehensive log of any potential attacks without taking any action to stop them. The logs can be found inside the very same section and provide information regarding the nature of the attack, what IP address it originated from and what ModSecurity rule was initiated to stop it. For optimum security, we use not just commercial rules from a firm working in the field of web security, but also custom ones our administrators include manually so as to react to new risks which are still not tackled in the commercial rules.