ModSecurity is a plugin for Apache web servers that acts as a web app layer firewall. It's employed to stop attacks against script-driven sites by using security rules that contain certain expressions. That way, the firewall can prevent hacking and spamming attempts and preserve even websites that are not updated regularly. For instance, a number of unsuccessful login attempts to a script admin area or attempts to execute a specific file with the intention to get access to the script shall trigger specific rules, so ModSecurity will stop these activities the moment it identifies them. The firewall is incredibly efficient because it tracks the whole HTTP traffic to a website in real time without slowing it down, so it can easily stop an attack before any harm is done. It also maintains a very thorough log of all attack attempts that features more info than conventional Apache logs, so you could later examine the data and take further measures to boost the security of your websites if necessary.

ModSecurity in Cloud Hosting

ModSecurity is available on all cloud hosting machines, so when you decide to host your websites with our business, they will be protected against a wide range of attacks. The firewall is turned on by default for all domains and subdomains, so there shall be nothing you'll have to do on your end. You shall be able to stop ModSecurity for any Internet site if necessary, or to switch on a detection mode, so that all activity will be recorded, but the firewall won't take any real action. You'll be able to view detailed logs using your Hepsia Control Panel including the IP where the attack came from, what the attacker wanted to do and how ModSecurity handled the threat. Since we take the security of our clients' Internet sites seriously, we employ a collection of commercial rules which we take from one of the leading companies which maintain this kind of rules. Our administrators also add custom rules to make certain that your sites shall be shielded from as many threats as possible.

ModSecurity in Semi-dedicated Hosting

All semi-dedicated hosting solutions that we offer feature ModSecurity and because the firewall is switched on by default, any Internet site which you set up under a domain or a subdomain shall be protected right away. An individual section inside the Hepsia CP that comes with the semi-dedicated accounts is dedicated to ModSecurity and it shall enable you to stop and start the firewall for any website or enable a detection mode. With the last mentioned, ModSecurity shall not take any action, but it'll still recognize possible attacks and will keep all information within a log as if it were fully active. The logs can be found within the same section of the CP and they include specifics about the IP where an attack originated from, what its nature was, what rule ModSecurity applies to identify and stop it, etcetera. The security rules we employ on our servers are a mix between commercial ones from a security business and custom ones created by our system administrators. For that reason, we offer higher security for your web applications as we can shield them from attacks before security businesses release updates for new threats.

ModSecurity in VPS Hosting

Security is extremely important to us, so we install ModSecurity on all virtual private servers which are provided with the Hepsia Control Panel by default. The firewall can be managed through a dedicated section within Hepsia and is turned on automatically when you add a new domain or create a subdomain, so you will not have to do anything manually. You'll also be able to deactivate it or turn on the so-called detection mode, so it'll keep a log of possible attacks you can later analyze, but shall not block them. The logs in both passive and active modes contain information about the kind of the attack and how it was prevented, what IP address it came from and other important info that could help you to tighten the security of your Internet sites by updating them or blocking IPs, for example. Beyond the commercial rules which we get for ModSecurity from a third-party security company, we also use our own rules because from time to time we discover specific attacks which are not yet present within the commercial pack. That way, we can easily enhance the security of your VPS promptly instead of awaiting a certified update.

ModSecurity in Dedicated Web Hosting

When you opt to host your Internet sites on a dedicated server with the Hepsia Control Panel, your web applications will be protected right away since ModSecurity is available with all Hepsia-based packages. You'll be able to control the firewall easily and if needed, you will be able to turn it off or switch on its passive mode when it'll only maintain a log of what's going on without taking any action to prevent possible attacks. The logs which you can find within the exact same section of the Control Panel are incredibly detailed and contain details about the attacker IP, what site and file were attacked and in what way, what rule the firewall employed to stop the intrusion, etc. This info shall enable you to take measures and improve the security of your websites even more. To be on the safe side, we employ not only commercial rules, but also custom-made ones that our admins include whenever they identify attacks which have not yet been included within the commercial pack.