ModSecurity is a plugin for Apache web servers that functions as a web application layer firewall. It's used to prevent attacks towards script-driven sites by employing security rules which contain certain expressions. This way, the firewall can stop hacking and spamming attempts and protect even websites that are not updated regularly. As an example, multiple unsuccessful login attempts to a script administrative area or attempts to execute a particular file with the intention to get access to the script shall trigger particular rules, so ModSecurity will block these activities the minute it identifies them. The firewall is extremely efficient as it screens the whole HTTP traffic to a website in real time without slowing it down, so it will be able to stop an attack before any harm is done. It additionally maintains an exceptionally comprehensive log of all attack attempts that includes more info than conventional Apache logs, so you can later examine the data and take further measures to boost the security of your sites if necessary.

ModSecurity in Cloud Hosting

We offer ModSecurity with all cloud hosting plans, so your web apps will be shielded from destructive attacks. The firewall is activated as standard for all domains and subdomains, but if you would like, you will be able to stop it via the respective section of your Hepsia Control Panel. You could also switch on a detection mode, so ModSecurity shall keep a log as intended, but won't take any action. The logs that you will find within Hepsia are incredibly detailed and include info about the nature of any attack, when it occurred and from what IP, the firewall rule which was triggered, etc. We employ a range of commercial rules which are constantly updated, but sometimes our admins include custom rules as well so as to better protect the Internet sites hosted on our machines.

ModSecurity in Semi-dedicated Hosting

All semi-dedicated hosting plans that we offer include ModSecurity and because the firewall is switched on by default, any site that you set up under a domain or a subdomain will be protected straight away. An individual section within the Hepsia Control Panel that comes with the semi-dedicated accounts is dedicated to ModSecurity and it will permit you to start and stop the firewall for any website or enable a detection mode. With the latter, ModSecurity shall not take any action, but it will still recognize possible attacks and will keep all info in a log as if it were 100% active. The logs can be found in the very same section of the CP and they include information about the IP where an attack originated from, what its nature was, what rule ModSecurity applies to recognize and stop it, etc. The security rules we use on our servers are a mix between commercial ones from a security firm and custom ones created by our system admins. Therefore, we offer greater security for your web apps as we can shield them from attacks before security firms release updates for completely new threats.

ModSecurity in VPS Web Hosting

All virtual private servers that are set up with the Hepsia CP include ModSecurity. The firewall is installed and turned on by default for all domains which are hosted on the web server, so there shall not be anything special that you will have to do to protect your sites. It will take you just a click to stop ModSecurity if needed or to turn on its passive mode so that it records what occurs without taking any actions to stop intrusions. You shall be able to see the logs produced in active or passive mode via the corresponding section of Hepsia and discover more about the type of the attack, where it came from, what rule the firewall used to deal with it, and so on. We use a mixture of commercial and custom rules in order to ensure that ModSecurity will stop as many threats as possible, consequently enhancing the security of your web programs as much as possible.

ModSecurity in Dedicated Servers Hosting

ModSecurity comes with all dedicated servers that are set up with our Hepsia Control Panel and you'll not need to do anything specific on your end to use it because it's enabled by default whenever you add a new domain or subdomain on your hosting server. If it disrupts some of your programs, you will be able to stop it via the respective section of Hepsia, or you can leave it working in passive mode, so it will detect attacks and will still maintain a log for them, but will not block them. You'll be able to examine the logs later to determine what you can do to increase the protection of your sites as you will find details such as where an intrusion attempt originated from, what Internet site was attacked and based upon what rule ModSecurity reacted, and so forth. The rules that we employ are commercial, hence they're constantly updated by a security company, but to be on the safe side, our administrators also add custom rules occasionally as to react to any new threats they have found.