ModSecurity is a plugin for Apache web servers which functions as a web app layer firewall. It is employed to stop attacks toward script-driven websites by employing security rules that contain particular expressions. That way, the firewall can stop hacking and spamming attempts and protect even Internet sites which aren't updated frequently. As an example, multiple unsuccessful login attempts to a script admin area or attempts to execute a specific file with the purpose to get access to the script will trigger specific rules, so ModSecurity will stop these activities the instant it identifies them. The firewall is extremely efficient since it tracks the whole HTTP traffic to a website in real time without slowing it down, so it can stop an attack before any harm is done. It furthermore keeps an incredibly thorough log of all attack attempts that includes more info than conventional Apache logs, so you can later examine the data and take additional measures to improve the security of your Internet sites if needed.

ModSecurity in Website Hosting

ModSecurity comes standard with all website hosting plans that we provide and it will be activated automatically for any domain or subdomain that you add/create within your Hepsia hosting CP. The firewall has 3 different modes, so you can activate and deactivate it with simply a click or set it to detection mode, so it shall keep a log of all attacks, but it'll not do anything to stop them. The log for any of your Internet sites will feature comprehensive info such as the nature of the attack, where it originated from, what action was taken by ModSecurity, and so on. The firewall rules we use are regularly updated and consist of both commercial ones which we get from a third-party security business and custom ones our system administrators add in the event that they detect a new type of attacks. This way, the Internet sites which you host here will be far more protected with no action expected on your end.

ModSecurity in Semi-dedicated Hosting

All semi-dedicated hosting plans which we offer feature ModSecurity and since the firewall is enabled by default, any Internet site you build under a domain or a subdomain will be secured straight away. An independent section in the Hepsia CP which comes with the semi-dedicated accounts is devoted to ModSecurity and it'll enable you to start and stop the firewall for any site or switch on a detection mode. With the last option, ModSecurity will not take any action, but it'll still recognize possible attacks and shall keep all information within a log as if it were 100% active. The logs could be found within the exact same section of the Control Panel and they feature info about the IP where an attack came from, what its nature was, what rule ModSecurity applies to identify and stop it, and so on. The security rules which we employ on our servers are a mix of commercial ones from a security firm and custom ones created by our system admins. Therefore, we offer higher security for your web apps as we can shield them from attacks before security firms release updates for brand new threats.