ModSecurity is a plugin for Apache web servers which functions as a web app layer firewall. It is used to stop attacks toward script-driven websites by using security rules that contain particular expressions. In this way, the firewall can prevent hacking and spamming attempts and shield even websites which are not updated often. For instance, several unsuccessful login attempts to a script admin area or attempts to execute a specific file with the objective to get access to the script will trigger particular rules, so ModSecurity shall stop these activities the minute it identifies them. The firewall is quite efficient because it monitors the whole HTTP traffic to an Internet site in real time without slowing it down, so it can stop an attack before any damage is done. It also keeps an exceptionally thorough log of all attack attempts that contains more information than typical Apache logs, so you can later check out the data and take extra measures to improve the security of your sites if needed.

ModSecurity in Shared Hosting

We offer ModSecurity with all shared hosting solutions, so your Internet apps shall be resistant to harmful attacks. The firewall is activated as standard for all domains and subdomains, but in case you'd like, you'll be able to stop it using the respective area of your Hepsia CP. You can also switch on a detection mode, so ModSecurity will keep a log as intended, but will not take any action. The logs that you will find within Hepsia are quite detailed and feature information about the nature of any attack, when it transpired and from what IP, the firewall rule which was triggered, etcetera. We employ a range of commercial rules which are constantly updated, but sometimes our administrators add custom rules as well so as to efficiently protect the Internet sites hosted on our machines.

ModSecurity in Semi-dedicated Hosting

Any web program which you install inside your new semi-dedicated hosting account will be protected by ModSecurity because the firewall comes with all our hosting solutions and is activated by default for any domain and subdomain that you add or create using your Hepsia hosting CP. You shall be able to manage ModSecurity via a dedicated section in Hepsia where not only could you activate or deactivate it entirely, but you can also switch on a passive mode, so the firewall won't stop anything, but it shall still maintain a record of potential attacks. This takes simply a mouse click and you will be able to view the logs regardless of if ModSecurity is in active or passive mode through the same section - what the attack was and where it originated from, how it was addressed, etc. The firewall uses two sets of rules on our web servers - a commercial one that we get from a third-party web security company and a custom one which our admins update personally as to respond to recently discovered threats immediately.

ModSecurity in VPS Hosting

All virtual private servers which are offered with the Hepsia Control Panel include ModSecurity. The firewall is set up and turned on by default for all domains that are hosted on the web server, so there won't be anything special that you will have to do to protect your sites. It'll take you a click to stop ModSecurity if necessary or to activate its passive mode so that it records what happens without taking any measures to prevent intrusions. You will be able to see the logs generated in passive or active mode through the corresponding section of Hepsia and learn more about the type of the attack, where it originated from, what rule the firewall employed to take care of it, and so forth. We use a combination of commercial and custom rules in order to ensure that ModSecurity will block out as many risks as possible, consequently enhancing the protection of your web programs as much as possible.

ModSecurity in Dedicated Web Hosting

All of our dedicated servers which are installed with the Hepsia hosting Control Panel come with ModSecurity, so any program which you upload or set up shall be properly secured from the very beginning and you'll not have to concern yourself with common attacks or vulnerabilities. An independent section in Hepsia will permit you to start or stop the firewall for any domain or subdomain, or activate a detection mode so that it records info about intrusions, but does not take actions to stop them. What you'll find in the logs can easily help you to secure your Internet sites better - the IP address an attack originated from, what website was attacked and exactly how, what ModSecurity rule was triggered, etc. With this data, you could see whether a site needs an update, if you ought to block IPs from accessing your server, etc. On top of the third-party commercial security rules for ModSecurity which we use, our administrators include custom ones as well when they discover a new threat that is not yet in the commercial bundle.