ModSecurity is a plugin for Apache web servers that acts as a web app layer firewall. It is used to stop attacks toward script-driven Internet sites through the use of security rules that contain particular expressions. In this way, the firewall can prevent hacking and spamming attempts and protect even websites that are not updated regularly. For example, numerous unsuccessful login attempts to a script admin area or attempts to execute a specific file with the objective to get access to the script will trigger specific rules, so ModSecurity shall block out these activities the second it detects them. The firewall is very efficient as it monitors the whole HTTP traffic to a site in real time without slowing it down, so it can easily stop an attack before any harm is done. It additionally keeps an incredibly comprehensive log of all attack attempts that features more info than conventional Apache logs, so you could later examine the data and take additional measures to improve the security of your Internet sites if required.

ModSecurity in Cloud Hosting

ModSecurity is available on all cloud hosting machines, so when you decide to host your Internet sites with our firm, they'll be protected against an array of attacks. The firewall is enabled as standard for all domains and subdomains, so there shall be nothing you'll need to do on your end. You shall be able to stop ModSecurity for any site if necessary, or to enable a detection mode, so all activity will be recorded, but the firewall shall not take any real action. You shall be able to view specific logs via your Hepsia CP including the IP where the attack originated from, what the attacker wished to do and how ModSecurity handled the threat. As we take the safety of our customers' Internet sites seriously, we employ a set of commercial rules which we take from one of the top companies which maintain this kind of rules. Our administrators also include custom rules to make certain that your Internet sites shall be shielded from as many risks as possible.

ModSecurity in Dedicated Hosting

ModSecurity is provided with all dedicated servers that are integrated with our Hepsia CP and you will not have to do anything specific on your end to employ it since it's activated by default whenever you add a new domain or subdomain on your web server. In the event that it disrupts any of your apps, you will be able to stop it through the respective part of Hepsia, or you could leave it working in passive mode, so it shall identify attacks and will still maintain a log for them, but won't prevent them. You could analyze the logs later to determine what you can do to enhance the security of your websites since you will find info such as where an intrusion attempt originated from, what site was attacked and based on what rule ModSecurity reacted, and so forth. The rules that we employ are commercial, hence they're regularly updated by a security provider, but to be on the safe side, our administrators also include custom rules once in a while as to react to any new threats they have discovered.