ModSecurity is a plugin for Apache web servers that acts as a web app layer firewall. It's employed to stop attacks against script-driven sites by using security rules which contain specific expressions. This way, the firewall can stop hacking and spamming attempts and preserve even websites which are not updated frequently. For instance, numerous unsuccessful login attempts to a script administrative area or attempts to execute a particular file with the intention to get access to the script will trigger certain rules, so ModSecurity will stop these activities the moment it detects them. The firewall is incredibly efficient because it screens the entire HTTP traffic to a website in real time without slowing it down, so it will be able to stop an attack before any damage is done. It also keeps an incredibly detailed log of all attack attempts which contains more information than standard Apache logs, so you can later check out the data and take extra measures to enhance the security of your Internet sites if required.

ModSecurity in Hosting

ModSecurity is provided with all hosting web servers, so if you opt to host your websites with our business, they shall be protected against a wide array of attacks. The firewall is turned on as standard for all domains and subdomains, so there shall be nothing you shall need to do on your end. You shall be able to stop ModSecurity for any Internet site if required, or to activate a detection mode, so all activity will be recorded, but the firewall shall not take any real action. You shall be able to view detailed logs through your Hepsia CP including the IP where the attack came from, what the attacker wanted to do and how ModSecurity addressed the threat. Since we take the protection of our customers' websites seriously, we employ a set of commercial rules which we get from one of the leading companies that maintain such rules. Our admins also add custom rules to make certain that your websites will be shielded from as many threats as possible.

ModSecurity in Semi-dedicated Hosting

Any web program you set up inside your new semi-dedicated hosting account will be protected by ModSecurity since the firewall is included with all our hosting packages and is activated by default for any domain and subdomain that you include or create using your Hepsia hosting Control Panel. You shall be able to manage ModSecurity via a dedicated section inside Hepsia where not simply can you activate or deactivate it entirely, but you can also enable a passive mode, so the firewall shall not stop anything, but it will still keep an archive of potential attacks. This normally requires just a mouse click and you shall be able to see the logs no matter if ModSecurity is in passive or active mode through the same section - what the attack was and where it originated from, how it was dealt with, and so on. The firewall uses two groups of rules on our machines - a commercial one which we get from a third-party web security provider and a custom one which our admins update personally in order to respond to newly discovered threats as soon as possible.

ModSecurity in VPS Web Hosting

Safety is vital to us, so we set up ModSecurity on all virtual private servers which are provided with the Hepsia Control Panel as a standard. The firewall can be managed through a dedicated section within Hepsia and is turned on automatically when you include a new domain or generate a subdomain, so you will not need to do anything by hand. You'll also be able to deactivate it or turn on the so-called detection mode, so it shall keep a log of possible attacks which you can later examine, but will not block them. The logs in both passive and active modes include info about the kind of the attack and how it was prevented, what IP it originated from and other important information which may help you to tighten the security of your sites by updating them or blocking IPs, for instance. On top of the commercial rules that we get for ModSecurity from a third-party security enterprise, we also employ our own rules because every now and then we identify specific attacks that aren't yet present inside the commercial group. That way, we can enhance the protection of your Virtual private server in a timely manner instead of waiting for a certified update.

ModSecurity in Dedicated Servers Hosting

If you choose to host your websites on a dedicated server with the Hepsia CP, your web applications will be secured straight away since ModSecurity is supplied with all Hepsia-based plans. You shall be able to regulate the firewall effortlessly and if required, you shall be able to turn it off or switch on its passive mode when it will only keep a log of what's taking place without taking any action to stop potential attacks. The logs which you can find in the very same section of the Control Panel are quite detailed and include information about the attacker IP address, what website and file were attacked and in what way, what rule the firewall used to stop the intrusion, and so on. This info shall enable you to take measures and improve the protection of your websites even more. To be on the safe side, we employ not only commercial rules, but also custom-made ones which our administrators add whenever they recognize attacks which haven't yet been included inside the commercial pack.