ModSecurity is a plugin for Apache web servers which functions as a web app layer firewall. It's employed to prevent attacks toward script-driven websites by using security rules that contain certain expressions. In this way, the firewall can prevent hacking and spamming attempts and protect even websites which are not updated frequently. For instance, a number of failed login attempts to a script administrative area or attempts to execute a certain file with the objective to get access to the script will trigger specific rules, so ModSecurity shall stop these activities the instant it detects them. The firewall is incredibly efficient since it tracks the whole HTTP traffic to a site in real time without slowing it down, so it will be able to prevent an attack before any damage is done. It additionally keeps a very thorough log of all attack attempts which features more info than standard Apache logs, so you can later check out the data and take additional measures to increase the security of your websites if needed.

ModSecurity in Cloud Hosting

ModSecurity is supplied with all cloud hosting machines, so when you decide to host your Internet sites with our firm, they'll be protected against a wide range of attacks. The firewall is enabled as standard for all domains and subdomains, so there'll be nothing you'll need to do on your end. You will be able to stop ModSecurity for any website if necessary, or to enable a detection mode, so that all activity will be recorded, but the firewall shall not take any real action. You shall be able to view detailed logs from your Hepsia Control Panel including the IP address where the attack came from, what the attacker wanted to do and how ModSecurity handled the threat. Since we take the security of our clients' Internet sites seriously, we employ a selection of commercial rules which we get from one of the leading companies which maintain this type of rules. Our administrators also include custom rules to ensure that your sites will be shielded from as many threats as possible.

ModSecurity in Semi-dedicated Hosting

All semi-dedicated hosting packages that we offer feature ModSecurity and given that the firewall is enabled by default, any site which you set up under a domain or a subdomain shall be secured straight away. An individual section inside the Hepsia CP that comes with the semi-dedicated accounts is dedicated to ModSecurity and it shall enable you to start and stop the firewall for any website or enable a detection mode. With the last option, ModSecurity will not take any action, but it will still identify possible attacks and shall keep all info in a log as if it were completely active. The logs could be found inside the same section of the CP and they offer information regarding the IP where an attack originated from, what its nature was, what rule ModSecurity applies to detect and stop it, and so forth. The security rules we employ on our servers are a mix of commercial ones from a security business and custom ones created by our system admins. As a result, we provide greater security for your web applications as we can defend them from attacks even before security firms release updates for new threats.

ModSecurity in VPS

ModSecurity is pre-installed on all virtual private servers that are offered with the Hepsia hosting Control Panel, so your web applications will be protected from the second your server is ready. The firewall is switched on by default for any domain or subdomain on the Virtual Private Server, but if needed, you can deactivate it with a click of your mouse from the corresponding section of Hepsia. You can also set it to work in detection mode, so it will maintain a detailed log of any possible attacks without taking any action to stop them. The logs can be found in the very same section and provide info about the nature of the attack, what IP it originated from and what ModSecurity rule was activated to stop it. For optimum security, we use not only commercial rules from a business operating in the field of web security, but also custom ones which our admins add manually in order to react to new risks which are still not tackled in the commercial rules.

ModSecurity in Dedicated Hosting

All our dedicated servers that are set up with the Hepsia hosting Control Panel feature ModSecurity, so any app you upload or set up shall be properly secured from the very beginning and you won't need to concern yourself with common attacks or vulnerabilities. An individual section within Hepsia will permit you to start or stop the firewall for every domain or subdomain, or switch on a detection mode so that it records details about intrusions, but doesn't take actions to stop them. What you will discover in the logs shall allow you to to secure your websites better - the IP address an attack originated from, what site was attacked and how, what ModSecurity rule was triggered, and so forth. With this information, you can see if a website needs an update, whether you need to block IPs from accessing your web server, and so forth. Aside from the third-party commercial security rules for ModSecurity that we use, our administrators add custom ones too if they discover a new threat that's not yet included in the commercial bundle.