ModSecurity is a plugin for Apache web servers which functions as a web application layer firewall. It is employed to stop attacks towards script-driven websites by using security rules that contain certain expressions. In this way, the firewall can block hacking and spamming attempts and shield even Internet sites that are not updated frequently. As an example, multiple unsuccessful login attempts to a script administrative area or attempts to execute a specific file with the objective to get access to the script shall trigger certain rules, so ModSecurity will block out these activities the minute it detects them. The firewall is quite efficient since it screens the entire HTTP traffic to a website in real time without slowing it down, so it can easily prevent an attack before any damage is done. It additionally maintains an exceptionally thorough log of all attack attempts which features more information than standard Apache logs, so you can later check out the data and take additional measures to enhance the security of your Internet sites if required.

ModSecurity in Web Hosting

ModSecurity is provided with all web hosting machines, so when you choose to host your Internet sites with our firm, they will be resistant to a wide range of attacks. The firewall is enabled by default for all domains and subdomains, so there will be nothing you shall need to do on your end. You shall be able to stop ModSecurity for any website if required, or to switch on a detection mode, so that all activity shall be recorded, but the firewall will not take any real action. You shall be able to view detailed logs via your Hepsia Control Panel including the IP address where the attack originated from, what the attacker wished to do and how ModSecurity addressed the threat. Since we take the security of our clients' sites seriously, we employ a selection of commercial rules that we get from one of the leading companies which maintain this sort of rules. Our administrators also add custom rules to ensure that your Internet sites will be protected against as many risks as possible.

ModSecurity in Semi-dedicated Hosting

All semi-dedicated hosting plans which we offer include ModSecurity and because the firewall is switched on by default, any Internet site that you create under a domain or a subdomain will be protected immediately. An individual section within the Hepsia CP that comes with the semi-dedicated accounts is dedicated to ModSecurity and it shall permit you to stop and start the firewall for any website or enable a detection mode. With the last option, ModSecurity shall not take any action, but it'll still recognize possible attacks and shall keep all information in a log as if it were 100% active. The logs could be found within the very same section of the Control Panel and they offer details about the IP where an attack came from, what its nature was, what rule ModSecurity applies to detect and stop it, and so forth. The security rules that we employ on our machines are a mix between commercial ones from a security firm and custom ones developed by our system administrators. Consequently, we provide higher security for your web applications as we can defend them from attacks before security companies release updates for new threats.

ModSecurity in VPS

ModSecurity comes with all Hepsia-based virtual private servers which we offer and it'll be turned on automatically for any new domain or subdomain that you add on the hosting server. In this way, any web application that you install shall be protected immediately without doing anything personally on your end. The firewall could be handled from the section of the CP that bears the same name. This is the area whereyou could disable ModSecurity or let its passive mode, so it shall not take any action toward threats, but will still keep a thorough log. The recorded information is available within the same section as well and you'll be able to see what IPs any attacks originated from so that you can stop them, what the nature of the attempted attacks was and in accordance with what security rules ModSecurity responded. The rules which we employ on our servers are a combination between commercial ones we get from a security firm and custom ones which are added by our administrators to optimize the security of any web applications hosted on our end.

ModSecurity in Dedicated Hosting

When you opt to host your sites on a dedicated server with the Hepsia Control Panel, your web apps shall be protected immediately as ModSecurity is available with all Hepsia-based solutions. You shall be able to control the firewall without difficulty and if required, you will be able to turn it off or enable its passive mode when it will only maintain a log of what's taking place without taking any action to stop possible attacks. The logs that you'll find inside the very same section of the Control Panel are quite detailed and feature data about the attacker IP, what website and file were attacked and in what way, what rule the firewall employed to prevent the intrusion, and so on. This info will allow you to take measures and enhance the security of your websites even more. To be on the safe side, we employ not just commercial rules, but also custom-made ones that our admins add every time they detect attacks that haven't yet been included inside the commercial pack.