ModSecurity is a plugin for Apache web servers which functions as a web app layer firewall. It's used to stop attacks against script-driven websites by employing security rules that contain certain expressions. That way, the firewall can block hacking and spamming attempts and preserve even sites which aren't updated often. As an example, multiple unsuccessful login attempts to a script admin area or attempts to execute a particular file with the intention to get access to the script will trigger specific rules, so ModSecurity will block out these activities the second it identifies them. The firewall is very efficient as it screens the whole HTTP traffic to a website in real time without slowing it down, so it could prevent an attack before any damage is done. It furthermore keeps an incredibly detailed log of all attack attempts that features more info than traditional Apache logs, so you can later analyze the data and take extra measures to enhance the security of your websites if necessary.

ModSecurity in Shared Website Hosting

ModSecurity is available on all shared website hosting servers, so when you choose to host your sites with our firm, they shall be shielded from a wide array of attacks. The firewall is enabled by default for all domains and subdomains, so there shall be nothing you shall need to do on your end. You'll be able to stop ModSecurity for any site if needed, or to switch on a detection mode, so all activity will be recorded, but the firewall will not take any real action. You shall be able to view detailed logs through your Hepsia Control Panel including the IP address where the attack originated from, what the attacker planned to do and how ModSecurity addressed the threat. As we take the protection of our clients' Internet sites very seriously, we use a group of commercial rules that we take from one of the leading companies that maintain this sort of rules. Our admins also add custom rules to make sure that your Internet sites will be shielded from as many threats as possible.

ModSecurity in Semi-dedicated Hosting

All semi-dedicated hosting plans that we offer come with ModSecurity and since the firewall is switched on by default, any site which you set up under a domain or a subdomain will be secured immediately. An independent section inside the Hepsia CP which comes with the semi-dedicated accounts is dedicated to ModSecurity and it will enable you to stop and start the firewall for any site or enable a detection mode. With the last mentioned, ModSecurity shall not take any action, but it will still recognize possible attacks and will keep all info inside a log as if it were fully active. The logs could be found within the exact same section of the Control Panel and they offer specifics about the IP where an attack came from, what its nature was, what rule ModSecurity applies to identify and stop it, etcetera. The security rules we employ on our servers are a mix of commercial ones from a security company and custom ones created by our system admins. Therefore, we provide greater security for your web applications as we can protect them from attacks before security firms release updates for completely new threats.

ModSecurity in VPS Hosting

Protection is essential to us, so we install ModSecurity on all virtual private servers that are provided with the Hepsia Control Panel as a standard. The firewall could be managed through a dedicated section within Hepsia and is turned on automatically when you add a new domain or generate a subdomain, so you will not need to do anything manually. You will also be able to disable it or switch on the so-called detection mode, so it will maintain a log of possible attacks that you can later study, but will not block them. The logs in both passive and active modes contain information regarding the kind of the attack and how it was prevented, what IP address it originated from and other valuable data which may help you to tighten the security of your Internet sites by updating them or blocking IPs, for instance. Beyond the commercial rules that we get for ModSecurity from a third-party security company, we also implement our own rules since occasionally we find specific attacks which are not yet present in the commercial pack. That way, we can enhance the security of your Virtual private server instantly as opposed to awaiting an official update.

ModSecurity in Dedicated Web Hosting

All our dedicated servers which are set up with the Hepsia hosting Control Panel include ModSecurity, so any application you upload or install shall be protected from the very beginning and you won't have to concern yourself with common attacks or vulnerabilities. An individual section inside Hepsia will enable you to start or stop the firewall for every domain or subdomain, or activate a detection mode so that it records information regarding intrusions, but doesn't take actions to prevent them. What you shall see in the logs shall help you to secure your Internet sites better - the IP address an attack came from, what site was attacked and exactly how, what ModSecurity rule was triggered, etcetera. With this data, you'll be able to see if an Internet site needs an update, whether you should block IPs from accessing your web server, etc. Aside from the third-party commercial security rules for ModSecurity we use, our administrators add custom ones as well whenever they come across a new threat that is not yet a part of the commercial bundle.