ModSecurity is a plugin for Apache web servers which acts as a web app layer firewall. It is used to stop attacks toward script-driven Internet sites by employing security rules that contain specific expressions. This way, the firewall can prevent hacking and spamming attempts and shield even sites that aren't updated regularly. As an example, several failed login attempts to a script administrator area or attempts to execute a certain file with the purpose to get access to the script shall trigger particular rules, so ModSecurity will block out these activities the second it detects them. The firewall is very efficient as it tracks the whole HTTP traffic to a website in real time without slowing it down, so it will be able to prevent an attack before any harm is done. It also maintains a very thorough log of all attack attempts that includes more info than conventional Apache logs, so you can later check out the data and take further measures to improve the security of your Internet sites if needed.

ModSecurity in Hosting

ModSecurity is supplied with all hosting web servers, so if you decide to host your websites with our company, they'll be protected against a wide array of attacks. The firewall is enabled as standard for all domains and subdomains, so there shall be nothing you shall have to do on your end. You'll be able to stop ModSecurity for any site if necessary, or to enable a detection mode, so that all activity will be recorded, but the firewall will not take any real action. You'll be able to view detailed logs from your Hepsia CP including the IP where the attack came from, what the attacker wanted to do and how ModSecurity addressed the threat. Since we take the safety of our customers' sites very seriously, we employ a collection of commercial rules that we take from one of the leading companies that maintain this kind of rules. Our admins also include custom rules to make sure that your websites will be resistant to as many threats as possible.

ModSecurity in Semi-dedicated Hosting

ModSecurity is a part of our semi-dedicated hosting solutions and if you opt to host your Internet sites with us, there won't be anything special you'll have to do as the firewall is activated by default for all domains and subdomains you add via your hosting Control Panel. If necessary, you could disable ModSecurity for a certain Internet site or enable the so-called detection mode in which case the firewall shall still work and record info, but won't do anything to stop potential attacks on your sites. Comprehensive logs shall be readily available inside your CP and you will be able to see what sort of attacks took place, what security rules were triggered and how the firewall handled the threats, what IP addresses the attacks originated from, and so on. We use two sorts of rules on our servers - commercial ones from a firm which operates in the field of web security, and custom made ones which our administrators often add to respond to newly identified risks in a timely manner.

ModSecurity in VPS Hosting

All virtual private servers that are provided with the Hepsia CP include ModSecurity. The firewall is set up and turned on by default for all domains that are hosted on the machine, so there will not be anything special that you shall have to do to protect your sites. It'll take you just a click to stop ModSecurity if needed or to activate its passive mode so that it records what goes on without taking any steps to prevent intrusions. You'll be able to view the logs created in active or passive mode from the corresponding section of Hepsia and find out more about the form of the attack, where it originated from, what rule the firewall employed to handle it, and so on. We use a mix of commercial and custom rules in order to ensure that ModSecurity shall block as many threats as possible, thus enhancing the protection of your web apps as much as possible.

ModSecurity in Dedicated Web Hosting

When you choose to host your Internet sites on a dedicated server with the Hepsia Control Panel, your web programs shall be secured right from the start as ModSecurity is available with all Hepsia-based solutions. You shall be able to control the firewall easily and if necessary, you'll be able to turn it off or activate its passive mode when it shall only maintain a log of what's going on without taking any action to prevent potential attacks. The logs which you'll find in the very same section of the CP are extremely detailed and contain information about the attacker IP, what website and file were attacked and in what ways, what rule the firewall used to prevent the intrusion, etcetera. This information shall permit you to take measures and boost the security of your Internet sites even more. To be on the safe side, we employ not just commercial rules, but also custom-made ones which our admins include when they identify attacks that haven't yet been included within the commercial pack.