ModSecurity is a plugin for Apache web servers that acts as a web application layer firewall. It is employed to prevent attacks against script-driven sites by using security rules which contain certain expressions. That way, the firewall can block hacking and spamming attempts and shield even Internet sites which aren't updated regularly. As an example, a number of failed login attempts to a script administrator area or attempts to execute a particular file with the purpose to get access to the script shall trigger certain rules, so ModSecurity will block these activities the moment it discovers them. The firewall is very efficient since it tracks the whole HTTP traffic to an Internet site in real time without slowing it down, so it will be able to stop an attack before any harm is done. It additionally keeps a very detailed log of all attack attempts that contains more info than typical Apache logs, so you can later check out the data and take further measures to increase the security of your Internet sites if needed.

ModSecurity in Web Hosting

ModSecurity is provided with all web hosting machines, so if you choose to host your sites with our company, they'll be shielded from a wide array of attacks. The firewall is enabled by default for all domains and subdomains, so there will be nothing you'll have to do on your end. You shall be able to stop ModSecurity for any site if required, or to activate a detection mode, so all activity shall be recorded, but the firewall shall not take any real action. You will be able to view comprehensive logs through your Hepsia Control Panel including the IP address where the attack came from, what the attacker wanted to do and how ModSecurity addressed the threat. As we take the safety of our clients' Internet sites very seriously, we employ a selection of commercial rules that we get from one of the best firms that maintain this type of rules. Our administrators also include custom rules to ensure that your Internet sites shall be shielded from as many threats as possible.

ModSecurity in Semi-dedicated Hosting

All semi-dedicated hosting plans which we offer come with ModSecurity and because the firewall is switched on by default, any site which you build under a domain or a subdomain will be secured right away. An individual section within the Hepsia Control Panel that comes with the semi-dedicated accounts is dedicated to ModSecurity and it shall allow you to stop and start the firewall for any website or activate a detection mode. With the last mentioned, ModSecurity will not take any action, but it will still detect possible attacks and will keep all information in a log as if it were fully active. The logs can be found within the very same section of the Control Panel and they feature information regarding the IP where an attack originated from, what its nature was, what rule ModSecurity applies to detect and stop it, etcetera. The security rules which we employ on our servers are a mix of commercial ones from a security business and custom ones created by our system administrators. For that reason, we provide greater security for your web programs as we can protect them from attacks even before security businesses release updates for brand new threats.

ModSecurity in VPS Hosting

ModSecurity comes with all Hepsia-based virtual private servers we offer and it'll be switched on automatically for any new domain or subdomain which you include on the machine. In this way, any web app you install shall be protected immediately without doing anything manually on your end. The firewall may be managed through the section of the Control Panel that bears the same name. This is the location in whichyou'll be able to disable ModSecurity or enable its passive mode, so it shall not take any action towards threats, but will still keep a detailed log. The recorded info is available within the same section as well and you shall be able to see what IPs any attacks originated from to enable you to stop them, what the nature of the attempted attacks was and based upon what security rules ModSecurity responded. The rules that we use on our servers are a mixture between commercial ones that we obtain from a security organization and custom ones which are included by our administrators to optimize the protection of any web applications hosted on our end.

ModSecurity in Dedicated Web Hosting

ModSecurity is included with all dedicated servers which are set up with our Hepsia CP and you won't have to do anything specific on your end to use it as it is switched on by default every time you add a new domain or subdomain on your hosting server. In case it disrupts any of your programs, you will be able to stop it through the respective area of Hepsia, or you can leave it operating in passive mode, so it'll identify attacks and shall still maintain a log for them, but shall not prevent them. You can look at the logs later to determine what you can do to enhance the protection of your sites since you'll find information such as where an intrusion attempt came from, what website was attacked and in accordance with what rule ModSecurity reacted, etc. The rules we use are commercial, therefore they're constantly updated by a security provider, but to be on the safe side, our staff also include custom rules once in a while as to react to any new threats they have discovered.