ModSecurity is a plugin for Apache web servers that functions as a web application layer firewall. It's used to stop attacks against script-driven Internet sites by employing security rules which contain specific expressions. That way, the firewall can block hacking and spamming attempts and shield even Internet sites that aren't updated often. For example, multiple failed login attempts to a script administrator area or attempts to execute a particular file with the intention to get access to the script shall trigger certain rules, so ModSecurity shall stop these activities the minute it detects them. The firewall is quite efficient since it monitors the whole HTTP traffic to an Internet site in real time without slowing it down, so it could prevent an attack before any damage is done. It also keeps an incredibly comprehensive log of all attack attempts that includes more info than typical Apache logs, so you could later examine the data and take further measures to enhance the security of your websites if necessary.

ModSecurity in Hosting

ModSecurity comes standard with all hosting solutions that we offer and it will be turned on automatically for any domain or subdomain which you add/create in your Hepsia hosting CP. The firewall has three different modes, so you'll be able to activate and deactivate it with simply a mouse click or set it to detection mode, so it will maintain a log of all attacks, but it will not do anything to prevent them. The log for each of your websites shall contain detailed info such as the nature of the attack, where it came from, what action was taken by ModSecurity, and so forth. The firewall rules which we use are constantly updated and consist of both commercial ones which we get from a third-party security business and custom ones that our system admins include in the event that they detect a new kind of attacks. That way, the sites that you host here will be way more secure with no action required on your end.

ModSecurity in Semi-dedicated Hosting

We've integrated ModSecurity by default in all semi-dedicated hosting packages, so your web apps shall be protected as soon as you set them up under any domain or subdomain. The Hepsia CP which is included with the semi-dedicated accounts will permit you to activate or turn off the firewall for any Internet site with a click. You will also be able to activate a passive detection mode with which ModSecurity shall keep a log of potential attacks without actually preventing them. The thorough logs include things like the nature of the attack and what ModSecurity response that attack caused, where it came from, and so forth. The list of rules we employ is regularly updated as to match any new threats that could appear on the Internet and it consists of both commercial rules that we get from a security firm and custom-written ones which our admins include if they find a threat that is not present within the commercial list yet.

ModSecurity in VPS Web Hosting

ModSecurity is provided with all Hepsia-based virtual private servers which we offer and it shall be turned on automatically for any new domain or subdomain that you add on the hosting server. In this way, any web app you install shall be secured right from the start without doing anything by hand on your end. The firewall can be managed from the section of the CP that bears the same name. This is the place in whichyou can switch off ModSecurity or activate its passive mode, so it won't take any action toward threats, but will still keep a detailed log. The recorded data is available in the same section as well and you shall be able to see what IPs any attacks originated from so that you block them, what the nature of the attempted attacks was and in accordance with what security rules ModSecurity responded. The rules that we employ on our servers are a blend between commercial ones that we get from a security organization and custom ones which are included by our admins to maximize the protection of any web applications hosted on our end.

ModSecurity in Dedicated Servers Hosting

If you decide to host your websites on a dedicated server with the Hepsia Control Panel, your web applications will be secured right from the start because ModSecurity is available with all Hepsia-based solutions. You'll be able to control the firewall without difficulty and if required, you will be able to turn it off or enable its passive mode when it will only keep a log of what is taking place without taking any action to prevent potential attacks. The logs which you'll find inside the same section of the Control Panel are extremely detailed and include details about the attacker IP, what website and file were attacked and in what way, what rule the firewall used to prevent the intrusion, etc. This data shall enable you to take measures and improve the protection of your websites even more. To be on the safe side, we employ not only commercial rules, but also custom-made ones that our staff add whenever they identify attacks which haven't yet been included within the commercial pack.