ModSecurity is a plugin for Apache web servers which acts as a web application layer firewall. It's employed to prevent attacks against script-driven Internet sites by using security rules that contain specific expressions. This way, the firewall can block hacking and spamming attempts and shield even Internet sites that are not updated regularly. For example, numerous unsuccessful login attempts to a script admin area or attempts to execute a particular file with the objective to get access to the script will trigger certain rules, so ModSecurity shall block out these activities the minute it identifies them. The firewall is very efficient as it screens the entire HTTP traffic to an Internet site in real time without slowing it down, so it could stop an attack before any damage is done. It additionally maintains an exceptionally detailed log of all attack attempts which includes more information than conventional Apache logs, so you could later examine the data and take additional measures to enhance the security of your Internet sites if necessary.

ModSecurity in Shared Website Hosting

ModSecurity is provided with all shared website hosting machines, so when you opt to host your websites with our firm, they shall be resistant to a wide range of attacks. The firewall is turned on by default for all domains and subdomains, so there'll be nothing you will need to do on your end. You shall be able to stop ModSecurity for any Internet site if needed, or to activate a detection mode, so that all activity shall be recorded, but the firewall shall not take any real action. You will be able to view specific logs using your Hepsia Control Panel including the IP where the attack originated from, what the attacker wished to do and how ModSecurity dealt with the threat. As we take the security of our clients' Internet sites very seriously, we employ a set of commercial rules which we get from one of the best companies which maintain this kind of rules. Our administrators also include custom rules to make certain that your Internet sites will be protected against as many risks as possible.

ModSecurity in Semi-dedicated Hosting

All semi-dedicated hosting solutions which we offer come with ModSecurity and given that the firewall is switched on by default, any site that you create under a domain or a subdomain shall be secured straight away. A separate section inside the Hepsia CP which comes with the semi-dedicated accounts is devoted to ModSecurity and it shall permit you to stop and start the firewall for any Internet site or activate a detection mode. With the last option, ModSecurity shall not take any action, but it will still detect possible attacks and shall keep all data in a log as if it were fully active. The logs could be found inside the very same section of the CP and they feature details about the IP where an attack originated from, what its nature was, what rule ModSecurity applies to identify and stop it, etcetera. The security rules we use on our machines are a mix of commercial ones from a security firm and custom ones made by our system admins. Consequently, we offer greater security for your web applications as we can defend them from attacks even before security firms release updates for brand new threats.

ModSecurity in VPS Web Hosting

ModSecurity is pre-installed on all virtual private servers which are set up with the Hepsia hosting CP, so your web programs shall be protected from the moment your server is ready. The firewall is turned on by default for any domain or subdomain on the Virtual Private Server, but if necessary, you can disable it with a mouse click from the corresponding section of Hepsia. You can also set it to function in detection mode, so it'll maintain an extensive log of any potential attacks without taking any action to prevent them. The logs can be found inside the exact same section and offer info about the nature of the attack, what IP it came from and what ModSecurity rule was triggered to stop it. For maximum security, we employ not simply commercial rules from a firm working in the field of web security, but also custom ones our admins include manually so as to react to new threats which are still not tackled in the commercial rules.

ModSecurity in Dedicated Servers Hosting

ModSecurity comes with all dedicated servers which are set up with our Hepsia CP and you will not have to do anything specific on your end to employ it as it's activated by default every time you include a new domain or subdomain on your hosting server. If it disrupts some of your apps, you'll be able to stop it via the respective area of Hepsia, or you may leave it in passive mode, so it will detect attacks and will still keep a log for them, but will not prevent them. You may analyze the logs later to find out what you can do to improve the security of your Internet sites since you'll find info such as where an intrusion attempt came from, what site was attacked and based upon what rule ModSecurity reacted, etcetera. The rules we use are commercial, therefore they're constantly updated by a security firm, but to be on the safe side, our admins also add custom rules occasionally as to deal with any new threats they have identified.