ModSecurity is a plugin for Apache web servers which functions as a web application layer firewall. It's used to prevent attacks towards script-driven Internet sites by using security rules that contain certain expressions. That way, the firewall can stop hacking and spamming attempts and shield even websites which aren't updated frequently. As an example, a number of failed login attempts to a script administrator area or attempts to execute a particular file with the purpose to get access to the script will trigger certain rules, so ModSecurity will stop these activities the moment it identifies them. The firewall is quite efficient since it monitors the entire HTTP traffic to an Internet site in real time without slowing it down, so it can easily stop an attack before any harm is done. It furthermore keeps an exceptionally comprehensive log of all attack attempts which features more information than standard Apache logs, so you can later analyze the data and take extra measures to increase the security of your websites if necessary.

ModSecurity in Cloud Web Hosting

ModSecurity is provided with all cloud web hosting machines, so when you decide to host your sites with our company, they'll be protected against an array of attacks. The firewall is enabled as standard for all domains and subdomains, so there shall be nothing you shall have to do on your end. You will be able to stop ModSecurity for any Internet site if necessary, or to switch on a detection mode, so that all activity will be recorded, but the firewall shall not take any real action. You shall be able to view specific logs using your Hepsia CP including the IP address where the attack originated from, what the attacker wanted to do and how ModSecurity dealt with the threat. Since we take the protection of our clients' websites seriously, we employ a selection of commercial rules which we take from one of the leading firms that maintain this sort of rules. Our admins also add custom rules to make certain that your Internet sites shall be protected against as many risks as possible.

ModSecurity in Semi-dedicated Hosting

Any web app which you set up in your new semi-dedicated hosting account shall be protected by ModSecurity because the firewall comes with all our hosting packages and is switched on by default for any domain and subdomain you add or create via your Hepsia hosting Control Panel. You will be able to manage ModSecurity via a dedicated section inside Hepsia where not simply could you activate or deactivate it completely, but you could also switch on a passive mode, so the firewall will not stop anything, but it shall still keep an archive of potential attacks. This normally requires only a click and you shall be able to look at the logs regardless of if ModSecurity is in active or passive mode through the same section - what the attack was and where it originated from, how it was addressed, etc. The firewall employs 2 groups of rules on our web servers - a commercial one that we get from a third-party web security firm and a custom one which our admins update manually in order to respond to recently discovered risks immediately.

ModSecurity in VPS Hosting

All virtual private servers that are provided with the Hepsia Control Panel come with ModSecurity. The firewall is installed and switched on by default for all domains that are hosted on the machine, so there shall not be anything special that you'll have to do to protect your websites. It will take you simply a mouse click to stop ModSecurity if needed or to activate its passive mode so that it records what occurs without taking any actions to stop intrusions. You shall be able to view the logs generated in active or passive mode from the corresponding section of Hepsia and find out more about the form of the attack, where it originated from, what rule the firewall used to tackle it, etc. We use a mixture of commercial and custom rules so as to make sure that ModSecurity will stop as many threats as possible, therefore increasing the protection of your web apps as much as possible.

ModSecurity in Dedicated Web Hosting

All our dedicated servers that are set up with the Hepsia hosting CP feature ModSecurity, so any app which you upload or install will be secured from the very beginning and you won't need to worry about common attacks or vulnerabilities. A separate section in Hepsia will allow you to start or stop the firewall for any domain or subdomain, or activate a detection mode so that it records information regarding intrusions, but does not take actions to stop them. What you'll see in the logs shall allow you to to secure your websites better - the IP address an attack came from, what website was attacked and how, what ModSecurity rule was triggered, etc. With this information, you can see whether a site needs an update, if you should block IPs from accessing your hosting server, etcetera. Besides the third-party commercial security rules for ModSecurity that we use, our administrators add custom ones too if they find a new threat that's not yet included in the commercial bundle.