ModSecurity is a plugin for Apache web servers which acts as a web app layer firewall. It's employed to prevent attacks against script-driven websites by employing security rules that contain particular expressions. In this way, the firewall can prevent hacking and spamming attempts and protect even sites that are not updated regularly. As an example, several failed login attempts to a script administrative area or attempts to execute a specific file with the purpose to get access to the script shall trigger certain rules, so ModSecurity will stop these activities the moment it identifies them. The firewall is incredibly efficient as it monitors the whole HTTP traffic to a site in real time without slowing it down, so it will be able to stop an attack before any harm is done. It also keeps an incredibly comprehensive log of all attack attempts which includes more information than typical Apache logs, so you can later analyze the data and take additional measures to increase the security of your websites if necessary.

ModSecurity in Cloud Website Hosting

ModSecurity is offered with each cloud website hosting solution that we offer and it is turned on by default for every domain or subdomain that you add via your Hepsia Control Panel. If it interferes with any of your programs or you'd like to disable it for whatever reason, you shall be able to accomplish that through the ModSecurity section of Hepsia with merely a click. You could also use a passive mode, so the firewall will recognize possible attacks and maintain a log, but will not take any action. You'll be able to view comprehensive logs in the exact same section, including the IP where the attack originated from, what precisely the attacker tried to do and at what time, what ModSecurity did, and so forth. For maximum security of our clients we use a set of commercial firewall rules combined with custom ones which are added by our system admins.

ModSecurity in Dedicated Servers

All our dedicated servers that are installed with the Hepsia hosting Control Panel include ModSecurity, so any program which you upload or install shall be secured from the very beginning and you'll not need to stress about common attacks or vulnerabilities. An individual section in Hepsia will allow you to start or stop the firewall for any domain or subdomain, or activate a detection mode so that it records info about intrusions, but does not take actions to stop them. What you'll discover in the logs shall help you to secure your Internet sites better - the IP an attack originated from, what site was attacked and in what way, what ModSecurity rule was triggered, etcetera. With this information, you could see whether a site needs an update, if you should block IPs from accessing your server, etcetera. Aside from the third-party commercial security rules for ModSecurity which we use, our admins add custom ones as well every time they come across a new threat that's not yet included in the commercial bundle.