ModSecurity is a plugin for Apache web servers which acts as a web app layer firewall. It is employed to prevent attacks against script-driven websites by using security rules that contain particular expressions. That way, the firewall can block hacking and spamming attempts and preserve even Internet sites that aren't updated regularly. For example, a number of failed login attempts to a script admin area or attempts to execute a particular file with the intention to get access to the script will trigger certain rules, so ModSecurity shall stop these activities the instant it identifies them. The firewall is quite efficient because it monitors the whole HTTP traffic to a website in real time without slowing it down, so it will be able to prevent an attack before any damage is done. It additionally maintains an incredibly thorough log of all attack attempts which includes more information than conventional Apache logs, so you can later analyze the data and take additional measures to boost the security of your Internet sites if necessary.

ModSecurity in Cloud Hosting

ModSecurity is supplied with all cloud hosting servers, so if you opt to host your websites with our organization, they'll be resistant to an array of attacks. The firewall is enabled by default for all domains and subdomains, so there shall be nothing you'll need to do on your end. You will be able to stop ModSecurity for any Internet site if necessary, or to activate a detection mode, so all activity shall be recorded, but the firewall shall not take any real action. You'll be able to view specific logs from your Hepsia Control Panel including the IP where the attack originated from, what the attacker wished to do and how ModSecurity handled the threat. Since we take the protection of our customers' websites seriously, we employ a group of commercial rules which we get from one of the leading companies that maintain such rules. Our administrators also include custom rules to ensure that your Internet sites shall be shielded from as many risks as possible.

ModSecurity in Semi-dedicated Servers

ModSecurity is part of our semi-dedicated server packages and if you choose to host your Internet sites with us, there shall not be anything special you'll have to do given that the firewall is activated by default for all domains and subdomains you add via your hosting CP. If necessary, you can disable ModSecurity for a given Internet site or turn on the so-called detection mode in which case the firewall will still function and record information, but shall not do anything to prevent possible attacks against your sites. In depth logs will be readily available in your CP and you'll be able to see what sort of attacks occurred, what security rules were triggered and how the firewall addressed the threats, what Internet protocol addresses the attacks originated from, and so forth. We employ two sorts of rules on our servers - commercial ones from a business which operates in the field of web security, and custom ones that our admins often add to respond to newly identified threats promptly.