ModSecurity is a plugin for Apache web servers that acts as a web app layer firewall. It's employed to stop attacks towards script-driven websites through the use of security rules which contain specific expressions. This way, the firewall can stop hacking and spamming attempts and shield even Internet sites which are not updated frequently. For example, several unsuccessful login attempts to a script administrator area or attempts to execute a certain file with the intention to get access to the script shall trigger particular rules, so ModSecurity shall stop these activities the moment it identifies them. The firewall is extremely efficient because it tracks the entire HTTP traffic to a site in real time without slowing it down, so it could stop an attack before any harm is done. It additionally keeps an incredibly detailed log of all attack attempts which features more information than typical Apache logs, so you could later examine the data and take further measures to increase the security of your Internet sites if required.

ModSecurity in Cloud Hosting

ModSecurity comes standard with all cloud hosting plans that we provide and it'll be turned on automatically for any domain or subdomain that you add/create within your Hepsia hosting CP. The firewall has 3 different modes, so you'll be able to activate and disable it with just a mouse click or set it to detection mode, so it will keep a log of all attacks, but it'll not do anything to prevent them. The log for each of your Internet sites will include in-depth info which includes the nature of the attack, where it originated from, what action was taken by ModSecurity, etc. The firewall rules which we use are regularly updated and incorporate both commercial ones we get from a third-party security company and custom ones which our system administrators include in case that they detect a new type of attacks. In this way, the Internet sites you host here shall be far more protected without any action expected on your end.

ModSecurity in Semi-dedicated Hosting

All semi-dedicated hosting plans which we offer include ModSecurity and since the firewall is switched on by default, any Internet site which you build under a domain or a subdomain shall be protected immediately. A separate section within the Hepsia CP which comes with the semi-dedicated accounts is dedicated to ModSecurity and it'll permit you to start and stop the firewall for any site or switch on a detection mode. With the last mentioned, ModSecurity shall not take any action, but it will still identify possible attacks and will keep all information within a log as if it were fully active. The logs can be found in the same section of the Control Panel and they feature information about the IP where an attack came from, what its nature was, what rule ModSecurity applies to recognize and stop it, and so forth. The security rules which we use on our servers are a mix between commercial ones from a security company and custom ones made by our system administrators. As a result, we offer higher security for your web apps as we can protect them from attacks before security businesses release updates for brand new threats.

ModSecurity in VPS Hosting

Protection is very important to us, so we install ModSecurity on all virtual private servers that are set up with the Hepsia CP by default. The firewall can be managed via a dedicated section in Hepsia and is activated automatically when you include a new domain or create a subdomain, so you will not need to do anything by hand. You will also be able to deactivate it or switch on the so-called detection mode, so it'll maintain a log of potential attacks that you can later analyze, but won't block them. The logs in both passive and active modes include information about the kind of the attack and how it was prevented, what IP address it originated from and other useful info that could help you to tighten the security of your websites by updating them or blocking IPs, for example. On top of the commercial rules we get for ModSecurity from a third-party security firm, we also employ our own rules because every now and then we discover specific attacks which aren't yet present within the commercial group. This way, we can enhance the security of your VPS instantly instead of awaiting an official update.

ModSecurity in Dedicated Web Hosting

All of our dedicated servers that are installed with the Hepsia hosting CP feature ModSecurity, so any app which you upload or set up will be protected from the very beginning and you will not need to stress about common attacks or vulnerabilities. A separate section inside Hepsia will permit you to start or stop the firewall for each domain or subdomain, or switch on a detection mode so that it records information regarding intrusions, but does not take actions to prevent them. What you will discover in the logs shall help you to secure your Internet sites better - the IP an attack originated from, what site was attacked and how, what ModSecurity rule was triggered, etcetera. With this information, you can see whether an Internet site needs an update, if you ought to block IPs from accessing your web server, and so forth. Besides the third-party commercial security rules for ModSecurity that we use, our administrators include custom ones too when they find a new threat that is not yet in the commercial bundle.