ModSecurity is a plugin for Apache web servers which functions as a web app layer firewall. It's used to prevent attacks towards script-driven websites by employing security rules which contain certain expressions. In this way, the firewall can block hacking and spamming attempts and preserve even websites which are not updated regularly. As an example, numerous unsuccessful login attempts to a script administrator area or attempts to execute a particular file with the objective to get access to the script shall trigger certain rules, so ModSecurity shall stop these activities the moment it discovers them. The firewall is quite efficient since it tracks the whole HTTP traffic to a website in real time without slowing it down, so it can prevent an attack before any damage is done. It additionally maintains an exceptionally detailed log of all attack attempts that contains more information than conventional Apache logs, so you could later analyze the data and take extra measures to boost the security of your sites if needed.

ModSecurity in Website Hosting

We offer ModSecurity with all website hosting solutions, so your web apps shall be resistant to destructive attacks. The firewall is turned on by default for all domains and subdomains, but in case you'd like, you'll be able to stop it via the respective part of your Hepsia CP. You can also activate a detection mode, so ModSecurity will keep a log as intended, but won't take any action. The logs that you'll discover inside Hepsia are quite detailed and feature information about the nature of any attack, when it happened and from what IP address, the firewall rule that was triggered, etcetera. We employ a set of commercial rules that are frequently updated, but sometimes our admins include custom rules as well so as to better protect the Internet sites hosted on our machines.

ModSecurity in Semi-dedicated Hosting

All semi-dedicated hosting plans which we offer come with ModSecurity and because the firewall is switched on by default, any site which you build under a domain or a subdomain shall be secured right away. An individual section within the Hepsia CP that comes with the semi-dedicated accounts is dedicated to ModSecurity and it shall enable you to start and stop the firewall for any Internet site or enable a detection mode. With the last mentioned, ModSecurity will not take any action, but it shall still identify possible attacks and will keep all data inside a log as if it were 100% active. The logs can be found within the exact same section of the Control Panel and they include specifics about the IP where an attack originated from, what its nature was, what rule ModSecurity applies to detect and stop it, and so forth. The security rules which we employ on our machines are a mix of commercial ones from a security business and custom ones created by our system admins. Therefore, we offer higher security for your web applications as we can shield them from attacks even before security businesses release updates for completely new threats.

ModSecurity in VPS Web Hosting

ModSecurity comes with all Hepsia-based virtual private servers that we offer and it will be activated automatically for any new domain or subdomain that you add on the server. This way, any web application that you install will be protected immediately without doing anything by hand on your end. The firewall can be managed through the section of the Control Panel which has the same name. This is the area in whichyou can disable ModSecurity or enable its passive mode, so it will not take any action towards threats, but will still maintain a thorough log. The recorded data is available within the same area as well and you will be able to see what IPs any attacks originated from so that you can block them, what the nature of the attempted attacks was and based upon what security rules ModSecurity reacted. The rules that we use on our servers are a mix between commercial ones we get from a security company and custom ones that are included by our staff to improve the protection of any web apps hosted on our end.

ModSecurity in Dedicated Servers Hosting

ModSecurity comes with all dedicated servers which are set up with our Hepsia Control Panel and you will not need to do anything specific on your end to use it as it is enabled by default whenever you include a new domain or subdomain on your hosting server. In the event that it disrupts any of your apps, you shall be able to stop it via the respective area of Hepsia, or you could leave it working in passive mode, so it shall detect attacks and shall still keep a log for them, but shall not stop them. You'll be able to examine the logs later to determine what you can do to enhance the security of your sites as you will find information such as where an intrusion attempt originated from, what website was attacked and based on what rule ModSecurity responded, and so on. The rules which we employ are commercial, hence they're constantly updated by a security firm, but to be on the safe side, our staff also add custom rules every now and then in order to react to any new threats they have discovered.