ModSecurity is a powerful firewall for Apache web servers that's employed to stop attacks towards web applications. It monitors the HTTP traffic to a particular site in real time and stops any intrusion attempts as soon as it detects them. The firewall relies on a set of rules to do this - as an example, attempting to log in to a script administration area without success a few times triggers one rule, sending a request to execute a particular file that may result in accessing the site triggers a different rule, and so forth. ModSecurity is amongst the best firewalls available on the market and it'll protect even scripts which aren't updated frequently because it can prevent attackers from employing known exploits and security holes. Incredibly thorough data about each intrusion attempt is recorded and the logs the firewall maintains are far more specific than the conventional logs created by the Apache server, so you could later take a look at them and decide if you need to take more measures in order to enhance the protection of your script-driven sites.

ModSecurity in Shared Hosting

ModSecurity comes standard with all shared hosting plans that we supply and it'll be activated automatically for any domain or subdomain you add/create in your Hepsia hosting CP. The firewall has three different modes, so you could switch on and deactivate it with simply a click or set it to detection mode, so it'll maintain a log of all attacks, but it will not do anything to stop them. The log for each of your websites will contain comprehensive info such as the nature of the attack, where it originated from, what action was taken by ModSecurity, and so forth. The firewall rules which we use are constantly updated and incorporate both commercial ones which we get from a third-party security firm and custom ones that our system admins include in the event that they detect a new sort of attacks. This way, the sites that you host here will be far more secure without any action needed on your end.

ModSecurity in Semi-dedicated Hosting

ModSecurity is part of our semi-dedicated hosting solutions and if you choose to host your websites with our company, there won't be anything special you'll need to do as the firewall is turned on by default for all domains and subdomains that you include via your hosting Control Panel. If necessary, you can disable ModSecurity for a particular Internet site or switch on the so-called detection mode in which case the firewall shall still work and record data, but shall not do anything to stop potential attacks on your websites. Comprehensive logs will be accessible in your CP and you'll be able to see what type of attacks occurred, what security rules were triggered and how the firewall dealt with the threats, what IP addresses the attacks originated from, and so on. We employ two sorts of rules on our servers - commercial ones from a company which operates in the field of web security, and customized ones that our admins sometimes add to respond to newly discovered threats in a timely manner.