ModSecurity is a plugin for Apache web servers which acts as a web application layer firewall. It is used to stop attacks towards script-driven sites by employing security rules which contain certain expressions. In this way, the firewall can prevent hacking and spamming attempts and protect even Internet sites that aren't updated regularly. For example, several failed login attempts to a script administrative area or attempts to execute a certain file with the intention to get access to the script will trigger certain rules, so ModSecurity will block these activities the second it identifies them. The firewall is extremely efficient since it tracks the entire HTTP traffic to a site in real time without slowing it down, so it can stop an attack before any damage is done. It furthermore keeps an incredibly detailed log of all attack attempts which features more info than conventional Apache logs, so you could later examine the data and take further measures to increase the security of your Internet sites if required.

ModSecurity in Cloud Web Hosting

ModSecurity comes by default with all cloud web hosting plans which we offer and it will be turned on automatically for any domain or subdomain that you add/create within your Hepsia hosting Control Panel. The firewall has 3 different modes, so you'll be able to switch on and deactivate it with just a mouse click or set it to detection mode, so it will maintain a log of all attacks, but it'll not do anything to stop them. The log for any of your websites will feature comprehensive info which includes the nature of the attack, where it originated from, what action was taken by ModSecurity, and so forth. The firewall rules which we use are frequently updated and include both commercial ones which we get from a third-party security company and custom ones our system admins add in the event that they detect a new kind of attacks. That way, the websites that you host here shall be a lot more secure with no action required on your end.

ModSecurity in Semi-dedicated Hosting

ModSecurity is a part of our semi-dedicated hosting packages and if you choose to host your sites with us, there will not be anything special you'll have to do as the firewall is activated by default for all domains and subdomains which you add via your hosting Control Panel. If needed, you'll be able to disable ModSecurity for a particular website or turn on the so-called detection mode in which case the firewall shall still function and record data, but will not do anything to stop possible attacks on your sites. In depth logs will be readily available within your Control Panel and you'll be able to see which kind of attacks took place, what security rules were triggered and how the firewall dealt with the threats, what IP addresses the attacks originated from, and so forth. We employ two sorts of rules on our servers - commercial ones from a company that operates in the field of web security, and custom ones which our admins sometimes include to respond to newly identified threats promptly.

ModSecurity in VPS Web Hosting

All virtual private servers which are offered with the Hepsia CP come with ModSecurity. The firewall is installed and activated by default for all domains that are hosted on the server, so there won't be anything special that you'll have to do to protect your Internet sites. It'll take you just a click to stop ModSecurity if needed or to switch on its passive mode so that it records what occurs without taking any steps to prevent intrusions. You'll be able to see the logs generated in active or passive mode via the corresponding section of Hepsia and discover more about the form of the attack, where it came from, what rule the firewall employed to tackle it, etcetera. We use a mixture of commercial and custom rules so as to make sure that ModSecurity will block as many risks as possible, consequently boosting the protection of your web programs as much as possible.

ModSecurity in Dedicated Servers Hosting

ModSecurity comes with all dedicated servers that are set up with our Hepsia Control Panel and you won't need to do anything specific on your end to employ it as it is turned on by default each time you include a new domain or subdomain on your hosting server. In the event that it disrupts any of your programs, you shall be able to stop it through the respective area of Hepsia, or you may leave it working in passive mode, so it shall detect attacks and will still keep a log for them, but shall not prevent them. You can examine the logs later to find out what you can do to improve the protection of your websites since you'll find details such as where an intrusion attempt came from, what Internet site was attacked and based on what rule ModSecurity reacted, etcetera. The rules which we employ are commercial, hence they're regularly updated by a security company, but to be on the safe side, our administrators also add custom rules once in a while as to react to any new threats they have identified.