ModSecurity is a plugin for Apache web servers that acts as a web application layer firewall. It's used to stop attacks toward script-driven sites by employing security rules which contain specific expressions. In this way, the firewall can stop hacking and spamming attempts and preserve even sites that aren't updated on a regular basis. As an example, several unsuccessful login attempts to a script administrator area or attempts to execute a particular file with the intention to get access to the script shall trigger particular rules, so ModSecurity will block out these activities the moment it identifies them. The firewall is very efficient as it monitors the entire HTTP traffic to a website in real time without slowing it down, so it can prevent an attack before any damage is done. It also maintains an incredibly thorough log of all attack attempts that includes more information than standard Apache logs, so you could later analyze the data and take additional measures to enhance the security of your websites if necessary.

ModSecurity in Cloud Web Hosting

ModSecurity is available on all cloud web hosting machines, so when you opt to host your websites with our business, they shall be resistant to an array of attacks. The firewall is turned on as standard for all domains and subdomains, so there'll be nothing you shall need to do on your end. You will be able to stop ModSecurity for any site if required, or to activate a detection mode, so all activity shall be recorded, but the firewall will not take any real action. You'll be able to view specific logs through your Hepsia CP including the IP address where the attack came from, what the attacker planned to do and how ModSecurity addressed the threat. Since we take the security of our clients' Internet sites seriously, we employ a set of commercial rules that we take from one of the leading firms that maintain such rules. Our administrators also add custom rules to ensure that your websites will be protected against as many risks as possible.

ModSecurity in Semi-dedicated Hosting

We've included ModSecurity as a standard inside all semi-dedicated hosting plans, so your web apps shall be protected whenever you set them up under any domain or subdomain. The Hepsia CP which is included with the semi-dedicated accounts will permit you to enable or disable the firewall for any site with a click. You shall also have the ability to switch on a passive detection mode in which ModSecurity shall keep a log of potential attacks without actually preventing them. The comprehensive logs contain the nature of the attack and what ModSecurity response that attack activated, where it came from, etc. The list of rules we employ is frequently updated as to match any new risks which might appear on the Internet and it features both commercial rules that we get from a security business and custom-written ones which our administrators include in the event that they find a threat that is not present inside the commercial list yet.

ModSecurity in VPS

All virtual private servers that are set up with the Hepsia CP include ModSecurity. The firewall is set up and switched on by default for all domains which are hosted on the web server, so there shall not be anything special that you shall have to do to protect your Internet sites. It will take you only a mouse click to stop ModSecurity if required or to turn on its passive mode so that it records what occurs without taking any steps to stop intrusions. You shall be able to view the logs generated in active or passive mode from the corresponding section of Hepsia and discover more about the type of the attack, where it came from, what rule the firewall employed to handle it, and so on. We employ a combination of commercial and custom rules in order to make sure that ModSecurity will prevent as many threats as possible, thus enhancing the protection of your web apps as much as possible.

ModSecurity in Dedicated Hosting

All our dedicated servers which are set up with the Hepsia hosting Control Panel come with ModSecurity, so any app which you upload or set up shall be protected from the very beginning and you will not have to worry about common attacks or vulnerabilities. An independent section within Hepsia will permit you to start or stop the firewall for each domain or subdomain, or turn on a detection mode so that it records information about intrusions, but does not take actions to stop them. What you'll discover in the logs can easily help you to secure your sites better - the IP an attack originated from, what site was attacked and exactly how, what ModSecurity rule was triggered, etc. With this information, you could see whether an Internet site needs an update, whether you should block IPs from accessing your web server, and so on. In addition to the third-party commercial security rules for ModSecurity that we use, our administrators include custom ones as well every time they discover a new threat that's not yet included in the commercial bundle.