ModSecurity is a plugin for Apache web servers that acts as a web application layer firewall. It's used to stop attacks towards script-driven sites through the use of security rules which contain specific expressions. That way, the firewall can block hacking and spamming attempts and shield even sites which aren't updated regularly. As an example, multiple failed login attempts to a script administrative area or attempts to execute a particular file with the intention to get access to the script shall trigger specific rules, so ModSecurity will block these activities the minute it identifies them. The firewall is extremely efficient because it tracks the whole HTTP traffic to an Internet site in real time without slowing it down, so it can easily prevent an attack before any damage is done. It additionally maintains an exceptionally comprehensive log of all attack attempts that contains more information than typical Apache logs, so you can later check out the data and take additional measures to boost the security of your sites if needed.

ModSecurity in Web Hosting

ModSecurity is available on all web hosting machines, so if you choose to host your Internet sites with our business, they'll be shielded from a wide array of attacks. The firewall is turned on by default for all domains and subdomains, so there will be nothing you'll need to do on your end. You shall be able to stop ModSecurity for any Internet site if needed, or to activate a detection mode, so all activity will be recorded, but the firewall will not take any real action. You shall be able to view comprehensive logs through your Hepsia CP including the IP address where the attack originated from, what the attacker wanted to do and how ModSecurity handled the threat. As we take the safety of our clients' sites very seriously, we use a set of commercial rules which we get from one of the best companies which maintain this kind of rules. Our admins also add custom rules to make certain that your websites will be shielded from as many threats as possible.

ModSecurity in Semi-dedicated Servers

All semi-dedicated server packages which we offer include ModSecurity and because the firewall is switched on by default, any website that you set up under a domain or a subdomain shall be secured straight away. An individual section within the Hepsia CP which comes with the semi-dedicated accounts is dedicated to ModSecurity and it shall permit you to start and stop the firewall for any website or switch on a detection mode. With the last option, ModSecurity won't take any action, but it'll still recognize possible attacks and will keep all information inside a log as if it were 100% active. The logs can be found in the exact same section of the Control Panel and they include details about the IP where an attack originated from, what its nature was, what rule ModSecurity applies to identify and stop it, and so on. The security rules which we employ on our web servers are a mix of commercial ones from a security company and custom ones created by our system administrators. As a result, we provide greater security for your web programs as we can defend them from attacks even before security firms release updates for completely new threats.

ModSecurity in VPS Servers

ModSecurity is included with all Hepsia-based VPS servers we offer and it will be switched on automatically for any new domain or subdomain that you add on the hosting server. This way, any web app you install shall be protected from the very beginning without doing anything personally on your end. The firewall may be managed via the section of the CP that bears the same name. This is the place whereyou'll be able to disable ModSecurity or let its passive mode, so it will not take any action towards threats, but shall still keep a comprehensive log. The recorded info is available inside the same area as well and you shall be able to see what IPs any attacks came from so that you can stop them, what the nature of the attempted attacks was and based upon what security rules ModSecurity reacted. The rules we use on our servers are a combination between commercial ones which we obtain from a security company and custom ones which are added by our administrators to improve the security of any web apps hosted on our end.

ModSecurity in Dedicated Servers

When you choose to host your Internet sites on a dedicated server with the Hepsia CP, your web apps will be secured straight away since ModSecurity is provided with all Hepsia-based packages. You shall be able to regulate the firewall with ease and if necessary, you'll be able to turn it off or switch on its passive mode when it will only keep a log of what is taking place without taking any action to stop potential attacks. The logs which you will find in the very same section of the Control Panel are extremely detailed and include information about the attacker IP, what site and file were attacked and in what way, what rule the firewall employed to prevent the intrusion, etc. This information shall permit you to take measures and increase the security of your websites even more. To be on the safe side, we use not only commercial rules, but also custom-made ones which our staff add whenever they identify attacks that have not yet been included inside the commercial pack.