ModSecurity is a plugin for Apache web servers that functions as a web application layer firewall. It is used to stop attacks against script-driven sites by using security rules that contain specific expressions. This way, the firewall can block hacking and spamming attempts and preserve even Internet sites that aren't updated often. For example, multiple unsuccessful login attempts to a script administrative area or attempts to execute a certain file with the objective to get access to the script will trigger specific rules, so ModSecurity will block these activities the moment it identifies them. The firewall is very efficient since it monitors the whole HTTP traffic to a site in real time without slowing it down, so it can easily stop an attack before any damage is done. It furthermore maintains an incredibly comprehensive log of all attack attempts that features more information than conventional Apache logs, so you could later check out the data and take additional measures to improve the security of your Internet sites if needed.

ModSecurity in Cloud Web Hosting

We offer ModSecurity with all cloud web hosting packages, so your Internet apps will be protected against malicious attacks. The firewall is turned on by default for all domains and subdomains, but if you would like, you will be able to stop it using the respective section of your Hepsia CP. You can also activate a detection mode, so ModSecurity shall keep a log as intended, but shall not take any action. The logs that you'll discover within Hepsia are incredibly detailed and offer info about the nature of any attack, when it took place and from what IP address, the firewall rule that was triggered, etc. We use a set of commercial rules which are constantly updated, but sometimes our administrators include custom rules as well so as to better protect the websites hosted on our machines.

ModSecurity in Semi-dedicated Hosting

All semi-dedicated hosting solutions which we offer come with ModSecurity and given that the firewall is enabled by default, any website which you set up under a domain or a subdomain will be secured right from the start. An independent section in the Hepsia CP which comes with the semi-dedicated accounts is dedicated to ModSecurity and it will enable you to start and stop the firewall for any site or activate a detection mode. With the last mentioned, ModSecurity won't take any action, but it will still recognize possible attacks and will keep all info within a log as if it were completely active. The logs can be found within the very same section of the Control Panel and they feature information regarding the IP where an attack originated from, what its nature was, what rule ModSecurity applies to detect and stop it, and so forth. The security rules that we use on our machines are a mix between commercial ones from a security firm and custom ones developed by our system admins. For that reason, we provide higher security for your web applications as we can protect them from attacks even before security firms release updates for completely new threats.

ModSecurity in VPS Hosting

ModSecurity is provided with all Hepsia-based virtual private servers which we offer and it'll be switched on automatically for every new domain or subdomain which you include on the web server. This way, any web application that you install shall be protected right from the start without doing anything personally on your end. The firewall could be handled via the section of the CP that has the same name. This is the area whereyou'll be able to turn off ModSecurity or activate its passive mode, so it will not take any action against threats, but will still keep a detailed log. The recorded info is available inside the same area as well and you will be able to see what IPs any attacks originated from to enable you to stop them, what the nature of the attempted attacks was and based on what security rules ModSecurity reacted. The rules that we employ on our servers are a mix between commercial ones we obtain from a security organization and custom ones that are included by our administrators to improve the security of any web applications hosted on our end.

ModSecurity in Dedicated Web Hosting

ModSecurity is provided with all dedicated servers that are set up with our Hepsia CP and you will not have to do anything specific on your end to use it because it's enabled by default each time you include a new domain or subdomain on your hosting server. If it disrupts some of your apps, you shall be able to stop it through the respective area of Hepsia, or you may leave it in passive mode, so it will recognize attacks and will still keep a log for them, but shall not prevent them. You'll be able to look at the logs later to learn what you can do to enhance the protection of your websites since you'll find info such as where an intrusion attempt came from, what Internet site was attacked and based on what rule ModSecurity reacted, etc. The rules that we employ are commercial, hence they're regularly updated by a security firm, but to be on the safe side, our staff also include custom rules from time to time as to deal with any new threats they have discovered.