ModSecurity is a plugin for Apache web servers which acts as a web app layer firewall. It is employed to stop attacks towards script-driven sites by employing security rules that contain particular expressions. This way, the firewall can stop hacking and spamming attempts and shield even websites which aren't updated regularly. For example, several unsuccessful login attempts to a script administrator area or attempts to execute a specific file with the purpose to get access to the script shall trigger particular rules, so ModSecurity shall block these activities the second it detects them. The firewall is very efficient since it screens the whole HTTP traffic to a website in real time without slowing it down, so it could prevent an attack before any harm is done. It furthermore maintains a very detailed log of all attack attempts which contains more info than traditional Apache logs, so you can later check out the data and take additional measures to boost the security of your websites if necessary.

ModSecurity in Web Hosting

ModSecurity is provided with all web hosting web servers, so if you choose to host your websites with our firm, they will be protected against a wide array of attacks. The firewall is turned on as standard for all domains and subdomains, so there'll be nothing you'll need to do on your end. You'll be able to stop ModSecurity for any website if needed, or to switch on a detection mode, so all activity shall be recorded, but the firewall will not take any real action. You will be able to view detailed logs through your Hepsia CP including the IP address where the attack originated from, what the attacker wanted to do and how ModSecurity handled the threat. As we take the security of our clients' Internet sites very seriously, we employ a group of commercial rules that we get from one of the top companies that maintain this type of rules. Our administrators also include custom rules to make sure that your sites will be resistant to as many threats as possible.

ModSecurity in Semi-dedicated Hosting

All semi-dedicated hosting solutions which we offer come with ModSecurity and given that the firewall is switched on by default, any website that you create under a domain or a subdomain will be secured right away. A separate section inside the Hepsia Control Panel that comes with the semi-dedicated accounts is dedicated to ModSecurity and it'll enable you to stop and start the firewall for any website or enable a detection mode. With the last option, ModSecurity will not take any action, but it shall still recognize possible attacks and shall keep all info in a log as if it were 100% active. The logs could be found within the same section of the CP and they offer info about the IP where an attack originated from, what its nature was, what rule ModSecurity applies to identify and stop it, etc. The security rules we use on our machines are a mix between commercial ones from a security business and custom ones made by our system admins. As a result, we provide greater security for your web programs as we can shield them from attacks before security corporations release updates for brand new threats.

ModSecurity in VPS

ModSecurity comes with all Hepsia-based virtual private servers that we offer and it will be activated automatically for every new domain or subdomain which you add on the hosting server. That way, any web app that you install shall be secured immediately without doing anything by hand on your end. The firewall could be managed through the section of the Control Panel that has the same name. This is the place in whichyou can turn off ModSecurity or enable its passive mode, so it shall not take any action toward threats, but will still maintain a thorough log. The recorded info is available within the same area as well and you will be able to see what IPs any attacks originated from to enable you to stop them, what the nature of the attempted attacks was and based upon what security rules ModSecurity responded. The rules we employ on our servers are a mixture between commercial ones we obtain from a security organization and custom ones that are added by our admins to enhance the security of any web applications hosted on our end.

ModSecurity in Dedicated Hosting

All of our dedicated servers that are installed with the Hepsia hosting Control Panel include ModSecurity, so any app you upload or install shall be protected from the very beginning and you will not have to bother about common attacks or vulnerabilities. An independent section inside Hepsia will enable you to start or stop the firewall for each and every domain or subdomain, or switch on a detection mode so that it records details about intrusions, but doesn't take actions to stop them. What you'll discover in the logs can help you to secure your websites better - the IP address an attack came from, what site was attacked as well as how, what ModSecurity rule was triggered, etc. With this info, you can see if an Internet site needs an update, if you should block IPs from accessing your server, and so on. Besides the third-party commercial security rules for ModSecurity we use, our admins include custom ones as well when they find a new threat that's not yet a part of the commercial bundle.