ModSecurity is a plugin for Apache web servers that acts as a web app layer firewall. It is used to stop attacks against script-driven websites through the use of security rules that contain certain expressions. That way, the firewall can prevent hacking and spamming attempts and protect even websites which aren't updated regularly. For instance, a number of failed login attempts to a script administrator area or attempts to execute a particular file with the intention to get access to the script will trigger specific rules, so ModSecurity shall block out these activities the instant it detects them. The firewall is quite efficient as it monitors the entire HTTP traffic to a website in real time without slowing it down, so it could stop an attack before any damage is done. It also maintains an incredibly comprehensive log of all attack attempts which features more info than traditional Apache logs, so you could later check out the data and take extra measures to enhance the security of your Internet sites if needed.

ModSecurity in Shared Website Hosting

ModSecurity is available on all shared website hosting web servers, so if you decide to host your sites with our company, they will be resistant to an array of attacks. The firewall is enabled by default for all domains and subdomains, so there will be nothing you shall have to do on your end. You will be able to stop ModSecurity for any site if needed, or to activate a detection mode, so that all activity will be recorded, but the firewall won't take any real action. You will be able to view comprehensive logs via your Hepsia Control Panel including the IP where the attack originated from, what the attacker planned to do and how ModSecurity handled the threat. Since we take the protection of our customers' websites very seriously, we employ a set of commercial rules that we get from one of the best companies which maintain this sort of rules. Our administrators also add custom rules to ensure that your sites shall be shielded from as many risks as possible.

ModSecurity in Semi-dedicated Hosting

ModSecurity is part of our semi-dedicated hosting plans and if you choose to host your websites with us, there won't be anything special you'll need to do as the firewall is activated by default for all domains and subdomains you include via your hosting CP. If necessary, you can disable ModSecurity for a particular website or activate the so-called detection mode in which case the firewall will still work and record info, but shall not do anything to prevent possible attacks on your Internet sites. In depth logs will be available in your CP and you shall be able to see which kind of attacks occurred, what security rules were triggered and how the firewall addressed the threats, what Internet protocol addresses the attacks came from, and so on. We use two kinds of rules on our servers - commercial ones from an organization that operates in the field of web security, and custom made ones which our administrators often include to respond to newly found threats in a timely manner.