ModSecurity is a plugin for Apache web servers that functions as a web app layer firewall. It is used to stop attacks against script-driven websites by using security rules which contain specific expressions. That way, the firewall can stop hacking and spamming attempts and preserve even sites that are not updated regularly. For example, multiple failed login attempts to a script administrative area or attempts to execute a specific file with the intention to get access to the script shall trigger certain rules, so ModSecurity will block out these activities the second it discovers them. The firewall is very efficient since it screens the entire HTTP traffic to an Internet site in real time without slowing it down, so it will be able to prevent an attack before any harm is done. It also keeps a very detailed log of all attack attempts that includes more info than traditional Apache logs, so you could later check out the data and take additional measures to boost the security of your websites if required.

ModSecurity in Shared Website Hosting

ModSecurity is available on all shared website hosting machines, so if you decide to host your sites with our organization, they will be shielded from a wide range of attacks. The firewall is enabled by default for all domains and subdomains, so there'll be nothing you'll have to do on your end. You'll be able to stop ModSecurity for any Internet site if needed, or to enable a detection mode, so that all activity will be recorded, but the firewall will not take any real action. You'll be able to view specific logs using your Hepsia CP including the IP where the attack originated from, what the attacker wished to do and how ModSecurity addressed the threat. As we take the safety of our clients' sites seriously, we use a group of commercial rules which we take from one of the best firms that maintain this sort of rules. Our administrators also include custom rules to make sure that your sites will be protected against as many threats as possible.

ModSecurity in Semi-dedicated Hosting

Any web program that you install in your new semi-dedicated hosting account shall be protected by ModSecurity as the firewall is included with all our hosting plans and is activated by default for any domain and subdomain which you add or create through your Hepsia hosting Control Panel. You'll be able to manage ModSecurity through a dedicated section inside Hepsia where not simply can you activate or deactivate it entirely, but you could also enable a passive mode, so the firewall shall not block anything, but it'll still keep a record of potential attacks. This takes simply a click and you'll be able to look at the logs regardless if ModSecurity is in passive or active mode through the same section - what the attack was and where it came from, how it was taken care of, etcetera. The firewall employs 2 groups of rules on our web servers - a commercial one which we get from a third-party web security firm and a custom one that our admins update personally as to respond to recently discovered risks at the earliest opportunity.

ModSecurity in VPS

All virtual private servers which are provided with the Hepsia Control Panel feature ModSecurity. The firewall is installed and turned on by default for all domains which are hosted on the web server, so there won't be anything special which you'll need to do to protect your websites. It will take you only a mouse click to stop ModSecurity if required or to turn on its passive mode so that it records what happens without taking any actions to prevent intrusions. You shall be able to see the logs produced in active or passive mode through the corresponding section of Hepsia and find out more about the type of the attack, where it came from, what rule the firewall employed to deal with it, and so forth. We use a mix of commercial and custom rules so as to make sure that ModSecurity shall block out as many risks as possible, thus increasing the protection of your web programs as much as possible.

ModSecurity in Dedicated Hosting

All our dedicated servers that are set up with the Hepsia hosting Control Panel feature ModSecurity, so any application that you upload or set up shall be protected from the very beginning and you will not have to bother about common attacks or vulnerabilities. An individual section in Hepsia will enable you to start or stop the firewall for each domain or subdomain, or switch on a detection mode so that it records details about intrusions, but doesn't take actions to prevent them. What you shall see in the logs can enable you to to secure your sites better - the IP an attack originated from, what site was attacked and exactly how, what ModSecurity rule was triggered, and so on. With this data, you could see whether an Internet site needs an update, whether you need to block IPs from accessing your server, and so on. Aside from the third-party commercial security rules for ModSecurity we use, our administrators add custom ones as well every time they discover a new threat that is not yet included in the commercial bundle.