ModSecurity is a plugin for Apache web servers that functions as a web application layer firewall. It is employed to stop attacks towards script-driven Internet sites by using security rules which contain particular expressions. In this way, the firewall can stop hacking and spamming attempts and preserve even Internet sites that aren't updated frequently. As an example, a number of unsuccessful login attempts to a script admin area or attempts to execute a particular file with the objective to get access to the script shall trigger particular rules, so ModSecurity shall block out these activities the second it identifies them. The firewall is extremely efficient as it screens the whole HTTP traffic to a site in real time without slowing it down, so it will be able to prevent an attack before any harm is done. It additionally maintains an incredibly detailed log of all attack attempts which includes more information than standard Apache logs, so you could later examine the data and take additional measures to boost the security of your sites if needed.

ModSecurity in Shared Hosting

ModSecurity is supplied with all shared hosting machines, so when you choose to host your websites with our business, they will be protected against a wide array of attacks. The firewall is enabled by default for all domains and subdomains, so there'll be nothing you'll need to do on your end. You will be able to stop ModSecurity for any website if required, or to enable a detection mode, so that all activity shall be recorded, but the firewall won't take any real action. You'll be able to view detailed logs through your Hepsia CP including the IP where the attack originated from, what the attacker wanted to do and how ModSecurity dealt with the threat. Since we take the security of our clients' websites seriously, we use a selection of commercial rules that we get from one of the best companies that maintain this sort of rules. Our admins also add custom rules to ensure that your sites will be protected against as many threats as possible.

ModSecurity in Semi-dedicated Hosting

ModSecurity is a part of our semi-dedicated hosting solutions and if you choose to host your sites with our company, there won't be anything special you'll need to do as the firewall is switched on by default for all domains and subdomains that you include through your hosting CP. If needed, you could disable ModSecurity for a particular Internet site or turn on the so-called detection mode in which case the firewall shall still operate and record data, but won't do anything to stop possible attacks on your websites. In depth logs will be accessible within your Control Panel and you'll be able to see what sort of attacks happened, what security rules were triggered and how the firewall handled the threats, what Internet protocol addresses the attacks originated from, etcetera. We employ two sorts of rules on our servers - commercial ones from an organization that operates in the field of web security, and custom ones which our admins often include to respond to newly found risks on time.

ModSecurity in VPS

ModSecurity is pre-installed on all virtual private servers which are provided with the Hepsia hosting CP, so your web apps will be secured from the instant your server is ready. The firewall is activated by default for any domain or subdomain on the Virtual Private Server, but if needed, you can disable it with a click via the corresponding section of Hepsia. You may also set it to operate in detection mode, so it shall maintain an extensive log of any possible attacks without taking any action to prevent them. The logs can be found in the same section and include information regarding the nature of the attack, what IP it originated from and what ModSecurity rule was activated to stop it. For maximum security, we employ not just commercial rules from a firm operating in the field of web security, but also custom ones that our administrators include manually so as to react to new threats that are still not tackled in the commercial rules.

ModSecurity in Dedicated Hosting

All our dedicated servers that are installed with the Hepsia hosting Control Panel feature ModSecurity, so any application which you upload or set up will be properly secured from the very beginning and you will not have to stress about common attacks or vulnerabilities. An independent section inside Hepsia will allow you to start or stop the firewall for every domain or subdomain, or turn on a detection mode so that it records info about intrusions, but does not take actions to stop them. What you'll see in the logs shall help you to secure your Internet sites better - the IP an attack originated from, what website was attacked and how, what ModSecurity rule was triggered, and so on. With this information, you'll be able to see whether an Internet site needs an update, whether you need to block IPs from accessing your server, and so on. On top of the third-party commercial security rules for ModSecurity we use, our administrators add custom ones too when they find a new threat which is not yet in the commercial bundle.