ModSecurity is a plugin for Apache web servers that acts as a web application layer firewall. It's employed to prevent attacks towards script-driven Internet sites by using security rules which contain particular expressions. In this way, the firewall can block hacking and spamming attempts and protect even websites that are not updated regularly. For example, a number of failed login attempts to a script admin area or attempts to execute a certain file with the intention to get access to the script will trigger particular rules, so ModSecurity shall block these activities the second it discovers them. The firewall is incredibly efficient since it monitors the entire HTTP traffic to a site in real time without slowing it down, so it will be able to stop an attack before any damage is done. It furthermore maintains an incredibly detailed log of all attack attempts that includes more information than conventional Apache logs, so you could later check out the data and take additional measures to improve the security of your Internet sites if necessary.

ModSecurity in Shared Hosting

ModSecurity is supplied with all shared hosting web servers, so when you choose to host your Internet sites with our firm, they'll be shielded from a wide array of attacks. The firewall is enabled as standard for all domains and subdomains, so there'll be nothing you shall need to do on your end. You will be able to stop ModSecurity for any site if required, or to enable a detection mode, so all activity will be recorded, but the firewall shall not take any real action. You'll be able to view comprehensive logs from your Hepsia CP including the IP where the attack came from, what the attacker wanted to do and how ModSecurity dealt with the threat. As we take the safety of our clients' websites very seriously, we use a collection of commercial rules which we take from one of the best companies which maintain such rules. Our administrators also add custom rules to make certain that your Internet sites will be shielded from as many threats as possible.

ModSecurity in Semi-dedicated Servers

All semi-dedicated server solutions that we offer come with ModSecurity and given that the firewall is turned on by default, any Internet site which you build under a domain or a subdomain will be protected immediately. An individual section in the Hepsia CP that comes with the semi-dedicated accounts is dedicated to ModSecurity and it will allow you to start and stop the firewall for any Internet site or enable a detection mode. With the last option, ModSecurity shall not take any action, but it shall still detect possible attacks and shall keep all information within a log as if it were completely active. The logs could be found in the same section of the Control Panel and they feature info about the IP where an attack came from, what its nature was, what rule ModSecurity applies to detect and stop it, and so on. The security rules that we use on our machines are a mix of commercial ones from a security business and custom ones created by our system admins. For that reason, we offer greater security for your web apps as we can protect them from attacks even before security businesses release updates for new threats.

ModSecurity in VPS Servers

All VPS servers which are offered with the Hepsia Control Panel include ModSecurity. The firewall is set up and turned on by default for all domains which are hosted on the machine, so there will not be anything special which you shall have to do to protect your sites. It'll take you a mouse click to stop ModSecurity if necessary or to turn on its passive mode so that it records what goes on without taking any steps to prevent intrusions. You shall be able to see the logs created in active or passive mode from the corresponding section of Hepsia and find out more about the form of the attack, where it originated from, what rule the firewall employed to handle it, etc. We employ a mix of commercial and custom rules so as to make certain that ModSecurity shall block as many threats as possible, thus boosting the security of your web programs as much as possible.

ModSecurity in Dedicated Servers

All our dedicated servers which are installed with the Hepsia hosting Control Panel feature ModSecurity, so any app you upload or set up will be properly secured from the very beginning and you won't have to worry about common attacks or vulnerabilities. A separate section in Hepsia will enable you to start or stop the firewall for every domain or subdomain, or turn on a detection mode so that it records info about intrusions, but doesn't take actions to stop them. What you shall see in the logs shall help you to secure your websites better - the IP address an attack came from, what website was attacked and how, what ModSecurity rule was triggered, etcetera. With this info, you can see whether a website needs an update, if you should block IPs from accessing your server, and so forth. In addition to the third-party commercial security rules for ModSecurity we use, our admins include custom ones as well if they find a new threat which is not yet included in the commercial bundle.