ModSecurity is a plugin for Apache web servers which functions as a web app layer firewall. It's employed to stop attacks towards script-driven sites through the use of security rules which contain particular expressions. That way, the firewall can prevent hacking and spamming attempts and protect even sites that aren't updated on a regular basis. For instance, multiple failed login attempts to a script administrator area or attempts to execute a particular file with the objective to get access to the script will trigger particular rules, so ModSecurity will block these activities the instant it identifies them. The firewall is incredibly efficient as it tracks the whole HTTP traffic to an Internet site in real time without slowing it down, so it can easily stop an attack before any harm is done. It additionally keeps an incredibly detailed log of all attack attempts that features more information than typical Apache logs, so you can later analyze the data and take further measures to enhance the security of your websites if required.

ModSecurity in Cloud Website Hosting

ModSecurity comes standard with all cloud website hosting plans that we provide and it will be switched on automatically for any domain or subdomain you add/create within your Hepsia hosting CP. The firewall has three different modes, so you can activate and deactivate it with only a mouse click or set it to detection mode, so it'll keep a log of all attacks, but it shall not do anything to prevent them. The log for any of your websites shall feature in-depth info such as the nature of the attack, where it originated from, what action was taken by ModSecurity, and so forth. The firewall rules that we use are frequently updated and incorporate both commercial ones that we get from a third-party security firm and custom ones our system administrators include in the event that they detect a new kind of attacks. That way, the Internet sites you host here shall be a lot more secure with no action expected on your end.

ModSecurity in Semi-dedicated Servers

ModSecurity is part of our semi-dedicated server packages and if you opt to host your websites with our company, there will not be anything special you'll have to do since the firewall is activated by default for all domains and subdomains you add via your hosting CP. If needed, you'll be able to disable ModSecurity for a particular website or switch on the so-called detection mode in which case the firewall will still function and record data, but won't do anything to stop potential attacks against your Internet sites. Thorough logs shall be accessible within your Control Panel and you will be able to see what type of attacks took place, what security rules were triggered and how the firewall handled the threats, what IP addresses the attacks originated from, etc. We employ two kinds of rules on our servers - commercial ones from an organization that operates in the field of web security, and custom ones that our admins sometimes include to respond to newly found threats on time.

ModSecurity in VPS Servers

ModSecurity is provided with all Hepsia-based VPS servers that we offer and it will be switched on automatically for any new domain or subdomain you add on the hosting server. This way, any web application that you install will be secured immediately without doing anything by hand on your end. The firewall could be managed through the section of the CP that bears the same name. This is the area whereyou can disable ModSecurity or enable its passive mode, so it won't take any action towards threats, but shall still maintain a comprehensive log. The recorded information is available inside the same section as well and you will be able to see what IPs any attacks originated from so that you can stop them, what the nature of the attempted attacks was and in accordance with what security rules ModSecurity reacted. The rules we use on our servers are a combination between commercial ones that we obtain from a security firm and custom ones that are included by our admins to improve the security of any web apps hosted on our end.

ModSecurity in Dedicated Servers

When you decide to host your sites on a dedicated server with the Hepsia Control Panel, your web programs shall be secured straight away since ModSecurity is provided with all Hepsia-based packages. You will be able to manage the firewall without difficulty and if required, you shall be able to turn it off or activate its passive mode when it will only maintain a log of what is happening without taking any action to prevent possible attacks. The logs which you'll find inside the same section of the CP are very detailed and contain info about the attacker IP address, what website and file were attacked and in what way, what rule the firewall used to stop the intrusion, and so forth. This data will permit you to take measures and improve the protection of your websites even more. To be on the safe side, we employ not just commercial rules, but also custom-made ones that our administrators include every time they recognize attacks which have not yet been included in the commercial pack.