ModSecurity is a plugin for Apache web servers which functions as a web application layer firewall. It is used to stop attacks against script-driven sites by employing security rules that contain certain expressions. This way, the firewall can block hacking and spamming attempts and preserve even sites that aren't updated often. For example, a number of failed login attempts to a script administrative area or attempts to execute a specific file with the purpose to get access to the script will trigger particular rules, so ModSecurity will block out these activities the instant it discovers them. The firewall is quite efficient as it screens the whole HTTP traffic to a website in real time without slowing it down, so it can prevent an attack before any damage is done. It furthermore maintains an incredibly detailed log of all attack attempts that features more info than traditional Apache logs, so you could later analyze the data and take further measures to increase the security of your Internet sites if required.

ModSecurity in Website Hosting

We offer ModSecurity with all website hosting packages, so your web applications shall be protected against destructive attacks. The firewall is switched on by default for all domains and subdomains, but in case you would like, you'll be able to stop it using the respective area of your Hepsia Control Panel. You'll be able to also activate a detection mode, so ModSecurity will keep a log as intended, but won't take any action. The logs which you will find in Hepsia are very detailed and feature information about the nature of any attack, when it transpired and from what IP, the firewall rule that was triggered, etcetera. We employ a range of commercial rules that are constantly updated, but sometimes our administrators add custom rules as well in order to efficiently protect the Internet sites hosted on our servers.

ModSecurity in Semi-dedicated Hosting

ModSecurity is part of our semi-dedicated hosting plans and if you choose to host your sites with us, there shall not be anything special you will have to do given that the firewall is switched on by default for all domains and subdomains which you include via your hosting CP. If required, you'll be able to disable ModSecurity for a certain Internet site or activate the so-called detection mode in which case the firewall will still operate and record information, but shall not do anything to prevent possible attacks against your Internet sites. Comprehensive logs shall be readily available inside your Control Panel and you will be able to see which kind of attacks happened, what security rules were triggered and how the firewall addressed the threats, what Internet protocol addresses the attacks came from, etcetera. We use 2 types of rules on our servers - commercial ones from an organization that operates in the field of web security, and custom ones which our administrators often include to respond to newly found risks in a timely manner.

ModSecurity in VPS Hosting

ModSecurity is provided with all Hepsia-based virtual private servers that we offer and it will be activated automatically for any new domain or subdomain you add on the web server. In this way, any web app you install shall be protected immediately without doing anything by hand on your end. The firewall can be handled through the section of the Control Panel which bears the same name. This is the area in whichyou'll be able to switch off ModSecurity or activate its passive mode, so it will not take any action toward threats, but shall still maintain a thorough log. The recorded info is available within the same section as well and you shall be able to see what IPs any attacks came from so that you block them, what the nature of the attempted attacks was and based on what security rules ModSecurity reacted. The rules that we use on our servers are a blend between commercial ones we get from a security firm and custom ones that are added by our administrators to enhance the security of any web apps hosted on our end.

ModSecurity in Dedicated Web Hosting

When you decide to host your websites on a dedicated server with the Hepsia Control Panel, your web programs shall be protected right from the start because ModSecurity is provided with all Hepsia-based plans. You shall be able to regulate the firewall easily and if required, you shall be able to turn it off or activate its passive mode when it will only maintain a log of what is happening without taking any action to stop potential attacks. The logs that you'll find inside the very same section of the CP are extremely detailed and contain data about the attacker IP, what website and file were attacked and in what ways, what rule the firewall employed to prevent the intrusion, etc. This information will permit you to take measures and boost the protection of your sites even more. To be on the safe side, we use not just commercial rules, but also custom-made ones that our administrators add when they detect attacks which haven't yet been included inside the commercial pack.