ModSecurity is a plugin for Apache web servers which acts as a web app layer firewall. It is employed to stop attacks against script-driven sites by using security rules which contain specific expressions. In this way, the firewall can stop hacking and spamming attempts and protect even Internet sites which are not updated frequently. For instance, multiple unsuccessful login attempts to a script admin area or attempts to execute a specific file with the intention to get access to the script will trigger certain rules, so ModSecurity will block out these activities the second it identifies them. The firewall is quite efficient because it tracks the whole HTTP traffic to a website in real time without slowing it down, so it could prevent an attack before any damage is done. It also keeps a very comprehensive log of all attack attempts that features more info than traditional Apache logs, so you can later check out the data and take further measures to boost the security of your Internet sites if required.

ModSecurity in Website Hosting

ModSecurity is available on all website hosting web servers, so if you choose to host your websites with our business, they shall be resistant to a wide array of attacks. The firewall is enabled by default for all domains and subdomains, so there will be nothing you'll have to do on your end. You shall be able to stop ModSecurity for any website if necessary, or to activate a detection mode, so all activity shall be recorded, but the firewall will not take any real action. You will be able to view specific logs using your Hepsia Control Panel including the IP address where the attack came from, what the attacker wanted to do and how ModSecurity dealt with the threat. As we take the security of our customers' Internet sites very seriously, we employ a group of commercial rules which we get from one of the leading companies that maintain this sort of rules. Our admins also add custom rules to make certain that your sites will be resistant to as many threats as possible.

ModSecurity in Semi-dedicated Hosting

ModSecurity is part of our semi-dedicated hosting plans and if you opt to host your Internet sites with us, there won't be anything special you'll have to do as the firewall is switched on by default for all domains and subdomains you include using your hosting Control Panel. If needed, you can disable ModSecurity for a particular website or turn on the so-called detection mode in which case the firewall will still work and record info, but shall not do anything to prevent potential attacks against your Internet sites. Comprehensive logs shall be available inside your Control Panel and you shall be able to see what sort of attacks happened, what security rules were triggered and how the firewall addressed the threats, what Internet protocol addresses the attacks came from, and so on. We use two kinds of rules on our servers - commercial ones from a business that operates in the field of web security, and custom ones which our admins sometimes add to respond to newly discovered risks in a timely manner.

ModSecurity in VPS Hosting

ModSecurity is pre-installed on all virtual private servers that are offered with the Hepsia hosting CP, so your web programs will be secured from the instant your server is ready. The firewall is activated by default for any domain or subdomain on the Virtual Private Server, but if needed, you can disable it with a click of your mouse through the corresponding section of Hepsia. You could also set it to work in detection mode, so it will keep an extensive log of any possible attacks without taking any action to prevent them. The logs are available inside the same section and offer info about the nature of the attack, what IP it originated from and what ModSecurity rule was activated to stop it. For best security, we use not simply commercial rules from a company operating in the field of web security, but also custom ones that our admins include personally in order to respond to new risks which are still not addressed in the commercial rules.

ModSecurity in Dedicated Web Hosting

If you choose to host your websites on a dedicated server with the Hepsia Control Panel, your web programs shall be protected immediately since ModSecurity is supplied with all Hepsia-based plans. You shall be able to regulate the firewall without difficulty and if needed, you'll be able to turn it off or switch on its passive mode when it'll only maintain a log of what's happening without taking any action to prevent possible attacks. The logs that you will find inside the very same section of the Control Panel are very detailed and include info about the attacker IP, what website and file were attacked and in what way, what rule the firewall used to prevent the intrusion, and so forth. This data will permit you to take measures and boost the protection of your sites even more. To be on the safe side, we use not only commercial rules, but also custom-made ones that our admins add whenever they recognize attacks which haven't yet been included in the commercial pack.