ModSecurity is a plugin for Apache web servers which acts as a web application layer firewall. It's used to prevent attacks towards script-driven websites by employing security rules that contain certain expressions. In this way, the firewall can stop hacking and spamming attempts and preserve even sites that aren't updated on a regular basis. For instance, numerous failed login attempts to a script administrative area or attempts to execute a particular file with the purpose to get access to the script will trigger specific rules, so ModSecurity shall block out these activities the instant it discovers them. The firewall is very efficient because it screens the entire HTTP traffic to an Internet site in real time without slowing it down, so it could prevent an attack before any damage is done. It furthermore keeps an incredibly thorough log of all attack attempts that includes more info than typical Apache logs, so you could later examine the data and take further measures to improve the security of your Internet sites if required.

ModSecurity in Shared Web Hosting

ModSecurity is available with every single shared web hosting plan that we provide and it is activated by default for every domain or subdomain that you add through your Hepsia Control Panel. If it disrupts any of your apps or you'd like to disable it for some reason, you'll be able to do that through the ModSecurity section of Hepsia with just a click. You could also activate a passive mode, so the firewall will identify potential attacks and maintain a log, but won't take any action. You could see extensive logs in the very same section, including the IP address where the attack came from, exactly what the attacker attempted to do and at what time, what ModSecurity did, and so on. For max safety of our clients we use a group of commercial firewall rules blended with custom ones that are provided by our system administrators.

ModSecurity in Semi-dedicated Hosting

All semi-dedicated hosting packages that we offer feature ModSecurity and because the firewall is turned on by default, any website that you build under a domain or a subdomain shall be protected immediately. An individual section within the Hepsia Control Panel that comes with the semi-dedicated accounts is devoted to ModSecurity and it will permit you to start and stop the firewall for any website or activate a detection mode. With the last mentioned, ModSecurity will not take any action, but it shall still recognize possible attacks and will keep all info within a log as if it were completely active. The logs could be found in the very same section of the Control Panel and they include specifics about the IP where an attack came from, what its nature was, what rule ModSecurity applies to identify and stop it, etc. The security rules that we use on our servers are a mix of commercial ones from a security business and custom ones made by our system admins. Consequently, we offer higher security for your web applications as we can protect them from attacks before security firms release updates for brand new threats.

ModSecurity in VPS Hosting

All virtual private servers that are provided with the Hepsia Control Panel feature ModSecurity. The firewall is installed and turned on by default for all domains that are hosted on the web server, so there shall not be anything special which you will have to do to protect your sites. It will take you just a click to stop ModSecurity if necessary or to turn on its passive mode so that it records what goes on without taking any steps to stop intrusions. You'll be able to look at the logs created in active or passive mode through the corresponding section of Hepsia and discover more about the type of the attack, where it came from, what rule the firewall employed to tackle it, and so on. We employ a mix of commercial and custom rules so as to ensure that ModSecurity shall prevent as many risks as possible, thus boosting the security of your web programs as much as possible.

ModSecurity in Dedicated Web Hosting

All our dedicated servers that are set up with the Hepsia hosting Control Panel come with ModSecurity, so any program which you upload or set up shall be secured from the very beginning and you will not need to worry about common attacks or vulnerabilities. An independent section within Hepsia will permit you to start or stop the firewall for every domain or subdomain, or activate a detection mode so that it records information regarding intrusions, but doesn't take actions to stop them. What you'll find in the logs shall enable you to to secure your websites better - the IP address an attack came from, what website was attacked as well as how, what ModSecurity rule was triggered, and so on. With this information, you can see whether an Internet site needs an update, if you ought to block IPs from accessing your hosting server, and so forth. Aside from the third-party commercial security rules for ModSecurity we use, our admins add custom ones as well when they come across a new threat that's not yet a part of the commercial bundle.