ModSecurity is a plugin for Apache web servers which acts as a web app layer firewall. It is used to stop attacks towards script-driven Internet sites by using security rules that contain particular expressions. That way, the firewall can stop hacking and spamming attempts and protect even websites which are not updated on a regular basis. For example, multiple failed login attempts to a script administrator area or attempts to execute a certain file with the objective to get access to the script will trigger specific rules, so ModSecurity will stop these activities the moment it detects them. The firewall is very efficient as it monitors the whole HTTP traffic to a website in real time without slowing it down, so it can stop an attack before any harm is done. It furthermore maintains an exceptionally comprehensive log of all attack attempts that contains more information than conventional Apache logs, so you could later examine the data and take additional measures to boost the security of your websites if needed.

ModSecurity in Cloud Hosting

We provide ModSecurity with all cloud hosting plans, so your Internet apps shall be resistant to destructive attacks. The firewall is turned on by default for all domains and subdomains, but in case you'd like, you'll be able to stop it via the respective section of your Hepsia CP. You'll be able to also switch on a detection mode, so ModSecurity will keep a log as intended, but won't take any action. The logs which you will discover within Hepsia are quite detailed and include information about the nature of any attack, when it transpired and from what IP address, the firewall rule that was triggered, and so on. We employ a group of commercial rules which are often updated, but sometimes our administrators add custom rules as well in order to efficiently protect the Internet sites hosted on our servers.

ModSecurity in Semi-dedicated Hosting

We have integrated ModSecurity as a standard within all semi-dedicated hosting packages, so your web applications will be protected the instant you set them up under any domain or subdomain. The Hepsia Control Panel which comes with the semi-dedicated accounts shall permit you to activate or disable the firewall for any Internet site with a click. You shall also have the ability to activate a passive detection mode through which ModSecurity shall maintain a log of possible attacks without really preventing them. The comprehensive logs contain the nature of the attack and what ModSecurity response this attack triggered, where it originated from, and so forth. The list of rules we use is regularly updated in order to match any new threats which may appear on the Internet and it comes with both commercial rules that we get from a security business and custom-written ones which our administrators add in the event that they discover a threat that's not present within the commercial list yet.

ModSecurity in VPS

All virtual private servers which are provided with the Hepsia Control Panel come with ModSecurity. The firewall is set up and switched on by default for all domains that are hosted on the web server, so there won't be anything special which you'll have to do to protect your websites. It'll take you just a click to stop ModSecurity if needed or to activate its passive mode so that it records what goes on without taking any steps to stop intrusions. You will be able to look at the logs generated in active or passive mode from the corresponding section of Hepsia and learn more about the form of the attack, where it came from, what rule the firewall employed to tackle it, etcetera. We employ a combination of commercial and custom rules in order to make sure that ModSecurity will block as many threats as possible, consequently increasing the protection of your web programs as much as possible.

ModSecurity in Dedicated Hosting

All of our dedicated servers which are installed with the Hepsia hosting Control Panel feature ModSecurity, so any program which you upload or set up will be protected from the very beginning and you will not have to concern yourself with common attacks or vulnerabilities. An individual section inside Hepsia will allow you to start or stop the firewall for any domain or subdomain, or activate a detection mode so that it records details about intrusions, but does not take actions to stop them. What you'll find in the logs can easily help you to secure your websites better - the IP an attack originated from, what website was attacked and exactly how, what ModSecurity rule was triggered, etc. With this data, you can see whether a site needs an update, if you ought to block IPs from accessing your web server, etcetera. Aside from the third-party commercial security rules for ModSecurity that we use, our admins add custom ones as well every time they come across a new threat that is not yet in the commercial bundle.