ModSecurity is a plugin for Apache web servers that acts as a web app layer firewall. It is used to prevent attacks toward script-driven Internet sites through the use of security rules that contain particular expressions. This way, the firewall can stop hacking and spamming attempts and shield even sites which are not updated frequently. As an example, numerous failed login attempts to a script admin area or attempts to execute a specific file with the objective to get access to the script shall trigger certain rules, so ModSecurity shall block these activities the instant it discovers them. The firewall is extremely efficient as it monitors the whole HTTP traffic to a website in real time without slowing it down, so it can prevent an attack before any harm is done. It also keeps an exceptionally comprehensive log of all attack attempts which features more information than typical Apache logs, so you can later check out the data and take further measures to enhance the security of your Internet sites if needed.

ModSecurity in Shared Hosting

ModSecurity is supplied with all shared hosting web servers, so if you choose to host your websites with our business, they shall be shielded from a wide range of attacks. The firewall is enabled as standard for all domains and subdomains, so there'll be nothing you shall have to do on your end. You'll be able to stop ModSecurity for any website if necessary, or to enable a detection mode, so all activity shall be recorded, but the firewall shall not take any real action. You shall be able to view detailed logs using your Hepsia Control Panel including the IP where the attack originated from, what the attacker planned to do and how ModSecurity dealt with the threat. Since we take the protection of our clients' sites very seriously, we use a set of commercial rules that we get from one of the leading companies which maintain such rules. Our admins also add custom rules to make certain that your websites will be protected against as many risks as possible.

ModSecurity in Semi-dedicated Hosting

We've integrated ModSecurity by default in all semi-dedicated hosting plans, so your web applications shall be protected whenever you set them up under any domain or subdomain. The Hepsia CP that comes with the semi-dedicated accounts will permit you to switch on or disable the firewall for any website with a mouse click. You'll also have the ability to switch on a passive detection mode through which ModSecurity will keep a log of potential attacks without actually stopping them. The detailed logs contain the nature of the attack and what ModSecurity response that attack activated, where it originated from, etcetera. The list of rules that we use is constantly updated in order to match any new threats which could appear on the Internet and it features both commercial rules that we get from a security business and custom-written ones that our admins add in case they discover a threat that is not present in the commercial list yet.

ModSecurity in VPS Hosting

ModSecurity is provided with all Hepsia-based virtual private servers which we offer and it will be activated automatically for every new domain or subdomain you add on the server. In this way, any web application you install will be protected right away without doing anything personally on your end. The firewall may be handled from the section of the Control Panel which has the same name. This is the area in whichyou could turn off ModSecurity or activate its passive mode, so it will not take any action against threats, but will still keep a detailed log. The recorded data is available within the same area as well and you'll be able to see what IPs any attacks originated from to enable you to block them, what the nature of the attempted attacks was and based upon what security rules ModSecurity reacted. The rules that we use on our servers are a combination between commercial ones we obtain from a security firm and custom ones which are included by our administrators to optimize the protection of any web apps hosted on our end.

ModSecurity in Dedicated Web Hosting

All of our dedicated servers that are set up with the Hepsia hosting Control Panel feature ModSecurity, so any application that you upload or install will be properly secured from the very beginning and you'll not have to stress about common attacks or vulnerabilities. A separate section inside Hepsia will enable you to start or stop the firewall for any domain or subdomain, or activate a detection mode so that it records info about intrusions, but does not take actions to prevent them. What you'll discover in the logs can help you to secure your sites better - the IP address an attack came from, what site was attacked as well as how, what ModSecurity rule was triggered, etc. With this info, you can see whether a site needs an update, whether you need to block IPs from accessing your hosting server, and so forth. In addition to the third-party commercial security rules for ModSecurity which we use, our admins include custom ones too when they come across a new threat which is not yet included in the commercial bundle.