ModSecurity is a plugin for Apache web servers which functions as a web app layer firewall. It's employed to prevent attacks toward script-driven sites by employing security rules which contain particular expressions. This way, the firewall can block hacking and spamming attempts and preserve even websites which are not updated frequently. For instance, multiple failed login attempts to a script administrative area or attempts to execute a particular file with the purpose to get access to the script will trigger certain rules, so ModSecurity will stop these activities the moment it identifies them. The firewall is incredibly efficient as it tracks the whole HTTP traffic to an Internet site in real time without slowing it down, so it can easily prevent an attack before any damage is done. It additionally keeps an exceptionally thorough log of all attack attempts which features more info than standard Apache logs, so you could later analyze the data and take additional measures to enhance the security of your websites if necessary.

ModSecurity in Cloud Hosting

ModSecurity comes standard with all cloud hosting solutions that we offer and it will be activated automatically for any domain or subdomain that you add/create in your Hepsia hosting CP. The firewall has three different modes, so you can activate and deactivate it with a click or set it to detection mode, so it'll keep a log of all attacks, but it shall not do anything to prevent them. The log for any of your sites will feature in-depth info which includes the nature of the attack, where it came from, what action was taken by ModSecurity, and so forth. The firewall rules which we use are constantly updated and comprise of both commercial ones we get from a third-party security company and custom ones which our system administrators include in case that they detect a new kind of attacks. In this way, the Internet sites you host here shall be much more protected without any action needed on your end.

ModSecurity in Dedicated Servers

ModSecurity comes with all dedicated servers that are set up with our Hepsia CP and you will not need to do anything specific on your end to use it because it is switched on by default every time you add a new domain or subdomain on your hosting server. If it disrupts some of your applications, you'll be able to stop it via the respective part of Hepsia, or you may leave it in passive mode, so it will detect attacks and will still keep a log for them, but won't stop them. You may look at the logs later to determine what you can do to increase the protection of your websites as you will find information such as where an intrusion attempt came from, what site was attacked and based upon what rule ModSecurity reacted, etcetera. The rules which we use are commercial, thus they're constantly updated by a security company, but to be on the safe side, our staff also add custom rules from time to time as to deal with any new threats they have found.