ModSecurity is a plugin for Apache web servers which acts as a web app layer firewall. It is used to stop attacks towards script-driven websites by employing security rules which contain specific expressions. In this way, the firewall can block hacking and spamming attempts and preserve even Internet sites which are not updated on a regular basis. As an example, multiple failed login attempts to a script admin area or attempts to execute a certain file with the purpose to get access to the script shall trigger particular rules, so ModSecurity shall stop these activities the instant it detects them. The firewall is very efficient as it tracks the whole HTTP traffic to an Internet site in real time without slowing it down, so it can stop an attack before any damage is done. It additionally maintains an exceptionally comprehensive log of all attack attempts which contains more information than traditional Apache logs, so you could later check out the data and take additional measures to boost the security of your Internet sites if needed.

ModSecurity in Website Hosting

ModSecurity is available with every website hosting package that we provide and it is turned on by default for every domain or subdomain that you include through your Hepsia Control Panel. In the event that it disrupts any of your programs or you would like to disable it for some reason, you shall be able to do that through the ModSecurity area of Hepsia with simply a mouse click. You may also activate a passive mode, so the firewall will detect potential attacks and maintain a log, but shall not take any action. You'll be able to see comprehensive logs in the very same section, including the IP where the attack originated from, what precisely the attacker aimed to do and at what time, what ModSecurity did, and so on. For maximum security of our customers we use a group of commercial firewall rules blended with custom ones which are provided by our system administrators.

ModSecurity in Semi-dedicated Hosting

All semi-dedicated hosting plans that we offer feature ModSecurity and since the firewall is enabled by default, any website you set up under a domain or a subdomain will be protected right away. An independent section in the Hepsia CP which comes with the semi-dedicated accounts is dedicated to ModSecurity and it shall enable you to stop and start the firewall for any website or enable a detection mode. With the latter, ModSecurity will not take any action, but it will still identify possible attacks and shall keep all information inside a log as if it were fully active. The logs could be found in the exact same section of the Control Panel and they offer details about the IP where an attack originated from, what its nature was, what rule ModSecurity applies to recognize and stop it, and so forth. The security rules which we employ on our servers are a mix between commercial ones from a security firm and custom ones developed by our system admins. Therefore, we provide greater security for your web applications as we can protect them from attacks even before security corporations release updates for brand new threats.

ModSecurity in VPS Hosting

All virtual private servers which are offered with the Hepsia Control Panel include ModSecurity. The firewall is set up and activated by default for all domains which are hosted on the server, so there won't be anything special that you'll need to do to protect your websites. It will take you a mouse click to stop ModSecurity if needed or to turn on its passive mode so that it records what occurs without taking any actions to prevent intrusions. You will be able to see the logs produced in passive or active mode via the corresponding section of Hepsia and discover more about the form of the attack, where it came from, what rule the firewall employed to take care of it, and so forth. We use a mixture of commercial and custom rules in order to make sure that ModSecurity shall prevent as many risks as possible, therefore increasing the security of your web apps as much as possible.

ModSecurity in Dedicated Web Hosting

ModSecurity comes with all dedicated servers which are set up with our Hepsia Control Panel and you will not need to do anything specific on your end to use it since it's enabled by default each time you add a new domain or subdomain on your hosting server. In case it interferes with some of your applications, you shall be able to stop it via the respective part of Hepsia, or you may leave it operating in passive mode, so it shall identify attacks and shall still keep a log for them, but shall not prevent them. You'll be able to analyze the logs later to determine what you can do to enhance the protection of your Internet sites as you shall find information such as where an intrusion attempt originated from, what Internet site was attacked and based upon what rule ModSecurity reacted, etc. The rules which we use are commercial, thus they're constantly updated by a security provider, but to be on the safe side, our staff also add custom rules from time to time in order to respond to any new threats they have found.