ModSecurity is a plugin for Apache web servers which acts as a web app layer firewall. It's used to stop attacks against script-driven websites by using security rules that contain specific expressions. In this way, the firewall can stop hacking and spamming attempts and shield even websites which aren't updated regularly. As an example, numerous failed login attempts to a script administrator area or attempts to execute a specific file with the intention to get access to the script will trigger certain rules, so ModSecurity shall stop these activities the second it detects them. The firewall is extremely efficient since it monitors the whole HTTP traffic to a website in real time without slowing it down, so it could stop an attack before any damage is done. It additionally keeps an exceptionally thorough log of all attack attempts that includes more information than typical Apache logs, so you could later analyze the data and take additional measures to increase the security of your sites if necessary.

ModSecurity in Shared Hosting

ModSecurity is supplied with all shared hosting machines, so when you choose to host your websites with our firm, they will be shielded from an array of attacks. The firewall is enabled as standard for all domains and subdomains, so there'll be nothing you'll have to do on your end. You'll be able to stop ModSecurity for any website if necessary, or to activate a detection mode, so all activity will be recorded, but the firewall won't take any real action. You shall be able to view specific logs via your Hepsia Control Panel including the IP where the attack originated from, what the attacker wished to do and how ModSecurity dealt with the threat. Since we take the security of our customers' sites very seriously, we employ a selection of commercial rules which we get from one of the best companies that maintain this kind of rules. Our administrators also include custom rules to make sure that your Internet sites shall be shielded from as many threats as possible.

ModSecurity in Semi-dedicated Servers

We have integrated ModSecurity as a standard inside all semi-dedicated server plans, so your web apps will be protected the instant you install them under any domain or subdomain. The Hepsia CP that is included with the semi-dedicated accounts shall permit you to enable or turn off the firewall for any Internet site with a mouse click. You will also have the ability to switch on a passive detection mode through which ModSecurity shall keep a log of possible attacks without actually preventing them. The comprehensive logs include the nature of the attack and what ModSecurity response that attack triggered, where it originated from, and so forth. The list of rules we employ is constantly updated in order to match any new threats which might appear on the Internet and it comes with both commercial rules that we get from a security business and custom-written ones that our administrators add in case they find a threat that is not present in the commercial list yet.

ModSecurity in VPS Servers

ModSecurity comes with all Hepsia-based VPS servers which we offer and it will be turned on automatically for every new domain or subdomain you include on the machine. In this way, any web app which you install shall be secured from the very beginning without doing anything manually on your end. The firewall may be managed through the section of the CP that bears the same name. This is the location whereyou could switch off ModSecurity or let its passive mode, so it shall not take any action towards threats, but shall still maintain a detailed log. The recorded information is available inside the same area as well and you shall be able to see what IPs any attacks came from to enable you to stop them, what the nature of the attempted attacks was and based upon what security rules ModSecurity reacted. The rules that we use on our servers are a blend between commercial ones we get from a security company and custom ones which are added by our admins to enhance the protection of any web applications hosted on our end.

ModSecurity in Dedicated Servers

When you decide to host your websites on a dedicated server with the Hepsia CP, your web applications will be protected right away because ModSecurity is supplied with all Hepsia-based packages. You will be able to regulate the firewall with ease and if required, you'll be able to turn it off or activate its passive mode when it shall only keep a log of what's taking place without taking any action to stop potential attacks. The logs which you'll find within the same section of the Control Panel are extremely detailed and include details about the attacker IP address, what website and file were attacked and in what way, what rule the firewall used to prevent the intrusion, etcetera. This info will permit you to take measures and increase the protection of your Internet sites even more. To be on the safe side, we use not only commercial rules, but also custom-made ones which our staff include every time they recognize attacks that have not yet been included in the commercial pack.