ModSecurity is a plugin for Apache web servers that acts as a web app layer firewall. It's used to stop attacks towards script-driven Internet sites by employing security rules which contain certain expressions. This way, the firewall can block hacking and spamming attempts and protect even Internet sites which aren't updated regularly. For example, a number of unsuccessful login attempts to a script administrator area or attempts to execute a certain file with the purpose to get access to the script will trigger certain rules, so ModSecurity shall block these activities the moment it detects them. The firewall is very efficient since it tracks the entire HTTP traffic to a site in real time without slowing it down, so it can easily stop an attack before any damage is done. It furthermore keeps an incredibly thorough log of all attack attempts which contains more info than typical Apache logs, so you can later analyze the data and take extra measures to improve the security of your websites if necessary.

ModSecurity in Cloud Hosting

ModSecurity is supplied with all cloud hosting machines, so when you opt to host your sites with our organization, they shall be resistant to an array of attacks. The firewall is turned on by default for all domains and subdomains, so there'll be nothing you'll need to do on your end. You will be able to stop ModSecurity for any Internet site if necessary, or to activate a detection mode, so that all activity will be recorded, but the firewall will not take any real action. You shall be able to view comprehensive logs through your Hepsia CP including the IP address where the attack originated from, what the attacker wished to do and how ModSecurity dealt with the threat. As we take the protection of our clients' Internet sites seriously, we employ a group of commercial rules which we get from one of the best firms that maintain such rules. Our admins also include custom rules to make sure that your sites shall be shielded from as many risks as possible.

ModSecurity in Semi-dedicated Hosting

All semi-dedicated hosting solutions that we offer come with ModSecurity and because the firewall is switched on by default, any Internet site that you set up under a domain or a subdomain will be protected right from the start. A separate section within the Hepsia Control Panel that comes with the semi-dedicated accounts is dedicated to ModSecurity and it shall allow you to start and stop the firewall for any site or enable a detection mode. With the last mentioned, ModSecurity won't take any action, but it'll still recognize possible attacks and will keep all info inside a log as if it were completely active. The logs could be found within the same section of the CP and they offer info about the IP where an attack came from, what its nature was, what rule ModSecurity applies to recognize and stop it, etcetera. The security rules which we employ on our web servers are a mix of commercial ones from a security firm and custom ones developed by our system admins. As a result, we offer higher security for your web apps as we can defend them from attacks before security firms release updates for brand new threats.

ModSecurity in VPS Web Hosting

All virtual private servers which are provided with the Hepsia Control Panel include ModSecurity. The firewall is set up and turned on by default for all domains that are hosted on the machine, so there won't be anything special which you'll have to do to protect your Internet sites. It shall take you only a mouse click to stop ModSecurity if required or to activate its passive mode so that it records what happens without taking any measures to prevent intrusions. You will be able to view the logs produced in active or passive mode via the corresponding section of Hepsia and discover more about the type of the attack, where it came from, what rule the firewall used to deal with it, and so on. We employ a mixture of commercial and custom rules so as to ensure that ModSecurity shall stop as many risks as possible, hence improving the protection of your web programs as much as possible.

ModSecurity in Dedicated Servers Hosting

ModSecurity comes with all dedicated servers that are integrated with our Hepsia CP and you will not need to do anything specific on your end to employ it since it's activated by default each time you add a new domain or subdomain on your hosting server. In case it disrupts any of your apps, you will be able to stop it via the respective section of Hepsia, or you may leave it operating in passive mode, so it shall detect attacks and will still keep a log for them, but won't stop them. You'll be able to look at the logs later to find out what you can do to improve the security of your Internet sites as you'll find info such as where an intrusion attempt originated from, what website was attacked and in accordance with what rule ModSecurity responded, etcetera. The rules that we employ are commercial, hence they are constantly updated by a security company, but to be on the safe side, our admins also add custom rules every now and then as to react to any new threats they have discovered.