ModSecurity is a plugin for Apache web servers that acts as a web application layer firewall. It's employed to stop attacks against script-driven Internet sites by using security rules which contain particular expressions. That way, the firewall can prevent hacking and spamming attempts and protect even sites that are not updated frequently. As an example, several unsuccessful login attempts to a script administrative area or attempts to execute a specific file with the intention to get access to the script shall trigger particular rules, so ModSecurity will block these activities the moment it identifies them. The firewall is quite efficient since it monitors the whole HTTP traffic to a website in real time without slowing it down, so it can easily prevent an attack before any harm is done. It furthermore keeps an exceptionally thorough log of all attack attempts which includes more information than traditional Apache logs, so you can later examine the data and take extra measures to boost the security of your sites if needed.

ModSecurity in Shared Web Hosting

ModSecurity is supplied with all shared web hosting web servers, so when you choose to host your sites with our organization, they will be protected against an array of attacks. The firewall is turned on as standard for all domains and subdomains, so there shall be nothing you shall have to do on your end. You will be able to stop ModSecurity for any website if needed, or to switch on a detection mode, so all activity will be recorded, but the firewall shall not take any real action. You will be able to view detailed logs from your Hepsia CP including the IP where the attack came from, what the attacker wanted to do and how ModSecurity dealt with the threat. As we take the security of our customers' Internet sites very seriously, we employ a group of commercial rules which we get from one of the top companies that maintain such rules. Our admins also include custom rules to make sure that your websites will be resistant to as many risks as possible.

ModSecurity in Semi-dedicated Servers

All semi-dedicated server solutions which we offer come with ModSecurity and given that the firewall is turned on by default, any site you set up under a domain or a subdomain shall be secured right away. An independent section in the Hepsia CP that comes with the semi-dedicated accounts is devoted to ModSecurity and it will permit you to stop and start the firewall for any Internet site or activate a detection mode. With the last mentioned, ModSecurity shall not take any action, but it will still detect possible attacks and shall keep all information in a log as if it were fully active. The logs could be found within the exact same section of the CP and they feature information regarding the IP where an attack came from, what its nature was, what rule ModSecurity applies to identify and stop it, etcetera. The security rules that we employ on our servers are a mix of commercial ones from a security company and custom ones developed by our system administrators. For that reason, we offer greater security for your web programs as we can shield them from attacks before security corporations release updates for completely new threats.

ModSecurity in VPS Servers

All VPS servers which are offered with the Hepsia Control Panel feature ModSecurity. The firewall is installed and activated by default for all domains which are hosted on the machine, so there will not be anything special which you'll need to do to protect your Internet sites. It'll take you a click to stop ModSecurity if required or to turn on its passive mode so that it records what occurs without taking any steps to stop intrusions. You will be able to look at the logs generated in active or passive mode through the corresponding section of Hepsia and find out more about the form of the attack, where it originated from, what rule the firewall employed to deal with it, etc. We employ a combination of commercial and custom rules so as to make sure that ModSecurity shall stop as many risks as possible, consequently increasing the protection of your web applications as much as possible.

ModSecurity in Dedicated Servers

All our dedicated servers which are set up with the Hepsia hosting Control Panel feature ModSecurity, so any program which you upload or install shall be secured from the very beginning and you won't have to stress about common attacks or vulnerabilities. An independent section within Hepsia will allow you to start or stop the firewall for any domain or subdomain, or switch on a detection mode so that it records details about intrusions, but doesn't take actions to stop them. What you'll see in the logs can easily allow you to to secure your Internet sites better - the IP an attack originated from, what website was attacked and in what way, what ModSecurity rule was triggered, and so on. With this info, you could see if a website needs an update, whether you need to block IPs from accessing your web server, etc. Aside from the third-party commercial security rules for ModSecurity we use, our administrators add custom ones too every time they come across a new threat that's not yet included in the commercial bundle.