ModSecurity is a plugin for Apache web servers that acts as a web app layer firewall. It is used to stop attacks toward script-driven websites by using security rules which contain particular expressions. That way, the firewall can block hacking and spamming attempts and shield even sites that aren't updated frequently. For example, multiple failed login attempts to a script administrative area or attempts to execute a specific file with the purpose to get access to the script will trigger particular rules, so ModSecurity will stop these activities the second it identifies them. The firewall is quite efficient because it tracks the entire HTTP traffic to a site in real time without slowing it down, so it can stop an attack before any harm is done. It furthermore maintains an incredibly thorough log of all attack attempts which features more info than standard Apache logs, so you could later analyze the data and take additional measures to increase the security of your sites if required.

ModSecurity in Cloud Hosting

ModSecurity is provided with all cloud hosting web servers, so when you decide to host your websites with our firm, they shall be shielded from a wide array of attacks. The firewall is turned on by default for all domains and subdomains, so there shall be nothing you will have to do on your end. You'll be able to stop ModSecurity for any website if needed, or to activate a detection mode, so all activity shall be recorded, but the firewall will not take any real action. You shall be able to view comprehensive logs through your Hepsia CP including the IP address where the attack originated from, what the attacker wished to do and how ModSecurity dealt with the threat. As we take the protection of our customers' sites very seriously, we employ a group of commercial rules that we take from one of the top firms that maintain this kind of rules. Our admins also add custom rules to ensure that your sites shall be shielded from as many threats as possible.

ModSecurity in Dedicated Web Hosting

All of our dedicated servers that are set up with the Hepsia hosting CP feature ModSecurity, so any program that you upload or set up shall be secured from the very beginning and you won't have to bother about common attacks or vulnerabilities. An independent section inside Hepsia will allow you to start or stop the firewall for every domain or subdomain, or activate a detection mode so that it records information about intrusions, but doesn't take actions to stop them. What you'll see in the logs shall enable you to to secure your sites better - the IP address an attack came from, what site was attacked and how, what ModSecurity rule was triggered, and so forth. With this information, you could see if a website needs an update, whether you should block IPs from accessing your server, and so on. Besides the third-party commercial security rules for ModSecurity we use, our admins add custom ones as well if they discover a new threat which is not yet in the commercial bundle.