ModSecurity is a plugin for Apache web servers that functions as a web application layer firewall. It's used to prevent attacks against script-driven websites by employing security rules that contain specific expressions. That way, the firewall can stop hacking and spamming attempts and preserve even Internet sites that aren't updated regularly. For example, multiple failed login attempts to a script administrative area or attempts to execute a certain file with the intention to get access to the script shall trigger certain rules, so ModSecurity will stop these activities the moment it identifies them. The firewall is extremely efficient because it monitors the whole HTTP traffic to a website in real time without slowing it down, so it will be able to stop an attack before any harm is done. It additionally keeps an exceptionally detailed log of all attack attempts which includes more info than conventional Apache logs, so you could later examine the data and take additional measures to enhance the security of your Internet sites if necessary.

ModSecurity in Cloud Hosting

We provide ModSecurity with all cloud hosting packages, so your Internet apps shall be resistant to harmful attacks. The firewall is activated by default for all domains and subdomains, but in case you would like, you will be able to stop it via the respective section of your Hepsia Control Panel. You could also activate a detection mode, so ModSecurity shall keep a log as intended, but will not take any action. The logs which you'll find within Hepsia are very detailed and feature information about the nature of any attack, when it occurred and from what IP, the firewall rule which was triggered, and so on. We employ a group of commercial rules that are regularly updated, but sometimes our administrators include custom rules as well in order to efficiently protect the Internet sites hosted on our servers.

ModSecurity in Semi-dedicated Servers

All semi-dedicated server plans that we offer feature ModSecurity and given that the firewall is turned on by default, any Internet site which you create under a domain or a subdomain shall be protected right from the start. An individual section within the Hepsia Control Panel which comes with the semi-dedicated accounts is dedicated to ModSecurity and it will enable you to start and stop the firewall for any Internet site or activate a detection mode. With the last mentioned, ModSecurity won't take any action, but it will still recognize possible attacks and will keep all information inside a log as if it were fully active. The logs can be found in the exact same section of the Control Panel and they feature information about the IP where an attack came from, what its nature was, what rule ModSecurity applies to detect and stop it, etc. The security rules that we use on our web servers are a mix of commercial ones from a security firm and custom ones made by our system administrators. Therefore, we provide greater security for your web programs as we can shield them from attacks before security corporations release updates for new threats.

ModSecurity in VPS Servers

ModSecurity is pre-installed on all VPS servers which are set up with the Hepsia hosting Control Panel, so your web applications will be protected from the second your server is ready. The firewall is switched on by default for any domain or subdomain on the Virtual Private Server, but if needed, you'll be able to disable it with a click via the corresponding section of Hepsia. You could also set it to operate in detection mode, so it shall keep a comprehensive log of any possible attacks without taking any action to prevent them. The logs can be found in the exact same section and include details about the nature of the attack, what IP address it came from and what ModSecurity rule was triggered to stop it. For best security, we employ not just commercial rules from a firm operating in the field of web security, but also custom ones our admins include manually so as to respond to new risks that are still not dealt with in the commercial rules.

ModSecurity in Dedicated Servers

If you opt to host your Internet sites on a dedicated server with the Hepsia CP, your web applications will be protected immediately since ModSecurity is available with all Hepsia-based packages. You shall be able to manage the firewall effortlessly and if required, you will be able to turn it off or enable its passive mode when it'll only keep a log of what's happening without taking any action to prevent possible attacks. The logs which you can find inside the exact same section of the Control Panel are quite detailed and contain data about the attacker IP address, what site and file were attacked and in what ways, what rule the firewall used to prevent the intrusion, and so forth. This data shall permit you to take measures and increase the protection of your websites even more. To be on the safe side, we employ not just commercial rules, but also custom-made ones that our staff add every time they detect attacks that haven't yet been included in the commercial pack.