ModSecurity is a plugin for Apache web servers that functions as a web application layer firewall. It's employed to stop attacks against script-driven websites by using security rules which contain specific expressions. That way, the firewall can prevent hacking and spamming attempts and protect even sites that are not updated regularly. For instance, several unsuccessful login attempts to a script admin area or attempts to execute a specific file with the intention to get access to the script will trigger particular rules, so ModSecurity will block these activities the instant it discovers them. The firewall is extremely efficient because it monitors the entire HTTP traffic to a website in real time without slowing it down, so it could prevent an attack before any damage is done. It also maintains an incredibly comprehensive log of all attack attempts that features more information than typical Apache logs, so you could later analyze the data and take additional measures to enhance the security of your websites if needed.

ModSecurity in Shared Hosting

ModSecurity is offered with each and every shared hosting plan that we provide and it is activated by default for any domain or subdomain which you add via your Hepsia CP. In case it interferes with any of your applications or you would like to disable it for any reason, you will be able to do this through the ModSecurity area of Hepsia with just a mouse click. You could also activate a passive mode, so the firewall will identify possible attacks and keep a log, but shall not take any action. You could view detailed logs in the very same section, including the IP where the attack originated from, what precisely the attacker attempted to do and at what time, what ModSecurity did, etcetera. For max protection of our clients we use a group of commercial firewall rules combined with custom ones which are included by our system administrators.

ModSecurity in Semi-dedicated Servers

All semi-dedicated server solutions that we offer feature ModSecurity and given that the firewall is enabled by default, any website that you create under a domain or a subdomain will be protected right away. A separate section within the Hepsia Control Panel which comes with the semi-dedicated accounts is devoted to ModSecurity and it will permit you to stop and start the firewall for any Internet site or activate a detection mode. With the last option, ModSecurity will not take any action, but it will still identify possible attacks and shall keep all information in a log as if it were fully active. The logs could be found inside the exact same section of the CP and they include info about the IP where an attack came from, what its nature was, what rule ModSecurity applies to detect and stop it, etc. The security rules that we use on our machines are a mix between commercial ones from a security company and custom ones created by our system admins. Consequently, we offer increased security for your web applications as we can protect them from attacks before security corporations release updates for new threats.