ModSecurity is a plugin for Apache web servers which functions as a web app layer firewall. It is used to prevent attacks toward script-driven sites by using security rules that contain certain expressions. That way, the firewall can stop hacking and spamming attempts and preserve even websites that aren't updated frequently. For example, several failed login attempts to a script admin area or attempts to execute a particular file with the objective to get access to the script shall trigger specific rules, so ModSecurity will block these activities the minute it discovers them. The firewall is incredibly efficient because it screens the whole HTTP traffic to a website in real time without slowing it down, so it can stop an attack before any damage is done. It also keeps an incredibly thorough log of all attack attempts which contains more info than typical Apache logs, so you can later check out the data and take further measures to boost the security of your websites if needed.

ModSecurity in Shared Website Hosting

ModSecurity is supplied with all shared website hosting machines, so if you choose to host your websites with our business, they will be shielded from a wide range of attacks. The firewall is turned on by default for all domains and subdomains, so there will be nothing you will need to do on your end. You shall be able to stop ModSecurity for any website if required, or to enable a detection mode, so that all activity shall be recorded, but the firewall shall not take any real action. You'll be able to view specific logs through your Hepsia Control Panel including the IP address where the attack came from, what the attacker planned to do and how ModSecurity addressed the threat. As we take the security of our customers' Internet sites seriously, we employ a set of commercial rules which we take from one of the leading companies which maintain this type of rules. Our administrators also add custom rules to ensure that your websites shall be resistant to as many threats as possible.

ModSecurity in Semi-dedicated Hosting

All semi-dedicated hosting plans that we offer feature ModSecurity and because the firewall is turned on by default, any Internet site which you create under a domain or a subdomain shall be secured right from the start. A separate section within the Hepsia Control Panel that comes with the semi-dedicated accounts is devoted to ModSecurity and it'll permit you to stop and start the firewall for any site or switch on a detection mode. With the last mentioned, ModSecurity won't take any action, but it'll still recognize possible attacks and shall keep all info inside a log as if it were completely active. The logs can be found in the very same section of the CP and they feature information about the IP where an attack originated from, what its nature was, what rule ModSecurity applies to identify and stop it, and so on. The security rules that we employ on our machines are a mix between commercial ones from a security firm and custom ones created by our system admins. Consequently, we offer increased security for your web apps as we can shield them from attacks before security companies release updates for brand new threats.

ModSecurity in VPS

ModSecurity is included with all Hepsia-based virtual private servers which we offer and it'll be switched on automatically for any new domain or subdomain which you add on the hosting server. This way, any web application which you install will be protected from the very beginning without doing anything manually on your end. The firewall can be handled via the section of the CP that has the same name. This is the location in whichyou could disable ModSecurity or enable its passive mode, so it shall not take any action toward threats, but will still keep a comprehensive log. The recorded data is available inside the same area as well and you shall be able to see what IPs any attacks came from to enable you to stop them, what the nature of the attempted attacks was and based upon what security rules ModSecurity reacted. The rules we employ on our servers are a combination between commercial ones that we obtain from a security firm and custom ones which are added by our staff to enhance the protection of any web applications hosted on our end.

ModSecurity in Dedicated Hosting

If you choose to host your Internet sites on a dedicated server with the Hepsia CP, your web apps will be secured straight away as ModSecurity is provided with all Hepsia-based plans. You shall be able to manage the firewall with ease and if required, you'll be able to turn it off or enable its passive mode when it'll only keep a log of what is taking place without taking any action to stop potential attacks. The logs which you'll find in the exact same section of the CP are very detailed and feature information about the attacker IP, what site and file were attacked and in what way, what rule the firewall used to prevent the intrusion, and so forth. This data will allow you to take measures and improve the protection of your websites even more. To be on the safe side, we use not only commercial rules, but also custom-made ones that our administrators add when they detect attacks that have not yet been included inside the commercial pack.