ModSecurity is a plugin for Apache web servers that acts as a web app layer firewall. It is employed to stop attacks against script-driven sites by employing security rules which contain specific expressions. This way, the firewall can stop hacking and spamming attempts and protect even Internet sites that are not updated regularly. As an example, a number of failed login attempts to a script administrator area or attempts to execute a particular file with the objective to get access to the script shall trigger specific rules, so ModSecurity shall stop these activities the minute it detects them. The firewall is extremely efficient as it monitors the whole HTTP traffic to a website in real time without slowing it down, so it could stop an attack before any harm is done. It furthermore keeps a very thorough log of all attack attempts which contains more info than conventional Apache logs, so you can later examine the data and take further measures to increase the security of your websites if required.

ModSecurity in Shared Website Hosting

We offer ModSecurity with all shared website hosting plans, so your web applications will be shielded from harmful attacks. The firewall is switched on by default for all domains and subdomains, but if you would like, you shall be able to stop it using the respective area of your Hepsia Control Panel. You'll be able to also activate a detection mode, so ModSecurity will keep a log as intended, but will not take any action. The logs which you shall discover in Hepsia are extremely detailed and offer information about the nature of any attack, when it happened and from what IP, the firewall rule that was triggered, and so forth. We employ a group of commercial rules which are regularly updated, but sometimes our administrators include custom rules as well so as to better protect the sites hosted on our servers.

ModSecurity in Semi-dedicated Hosting

We've integrated ModSecurity as a standard inside all semi-dedicated hosting plans, so your web applications will be protected whenever you install them under any domain or subdomain. The Hepsia CP that comes with the semi-dedicated accounts shall allow you to enable or turn off the firewall for any Internet site with a click. You'll also have the ability to activate a passive detection mode with which ModSecurity will maintain a log of possible attacks without really stopping them. The thorough logs contain the nature of the attack and what ModSecurity response this attack caused, where it originated from, etc. The list of rules which we use is regularly updated as to match any new threats which might appear on the Internet and it comes with both commercial rules that we get from a security business and custom-written ones which our admins include in the event that they discover a threat which is not present in the commercial list yet.

ModSecurity in VPS Hosting

ModSecurity is included with all Hepsia-based virtual private servers that we offer and it'll be turned on automatically for any new domain or subdomain you add on the hosting server. That way, any web application which you install shall be secured from the very beginning without doing anything personally on your end. The firewall may be managed from the section of the CP that has the same name. This is the location in whichyou can turn off ModSecurity or let its passive mode, so it won't take any action toward threats, but shall still maintain a comprehensive log. The recorded info is available in the same area as well and you shall be able to see what IPs any attacks originated from so that you stop them, what the nature of the attempted attacks was and based upon what security rules ModSecurity responded. The rules we use on our servers are a mix between commercial ones we get from a security firm and custom ones which are included by our admins to enhance the protection of any web applications hosted on our end.

ModSecurity in Dedicated Web Hosting

All of our dedicated servers that are set up with the Hepsia hosting Control Panel come with ModSecurity, so any program you upload or install will be secured from the very beginning and you will not have to worry about common attacks or vulnerabilities. A separate section within Hepsia will enable you to start or stop the firewall for each domain or subdomain, or activate a detection mode so that it records information about intrusions, but doesn't take actions to prevent them. What you shall discover in the logs can easily enable you to to secure your websites better - the IP address an attack originated from, what website was attacked as well as how, what ModSecurity rule was triggered, etc. With this information, you could see whether a website needs an update, whether you should block IPs from accessing your hosting server, and so on. Besides the third-party commercial security rules for ModSecurity we use, our admins add custom ones as well every time they find a new threat that is not yet a part of the commercial bundle.