ModSecurity is a plugin for Apache web servers that acts as a web app layer firewall. It's used to stop attacks toward script-driven websites by employing security rules that contain certain expressions. That way, the firewall can prevent hacking and spamming attempts and protect even sites that are not updated frequently. For example, numerous failed login attempts to a script admin area or attempts to execute a specific file with the intention to get access to the script will trigger particular rules, so ModSecurity shall block out these activities the instant it discovers them. The firewall is quite efficient because it tracks the whole HTTP traffic to a website in real time without slowing it down, so it will be able to prevent an attack before any damage is done. It furthermore keeps an exceptionally thorough log of all attack attempts which features more information than traditional Apache logs, so you could later check out the data and take extra measures to enhance the security of your websites if necessary.

ModSecurity in Shared Website Hosting

ModSecurity comes by default with all shared website hosting solutions which we supply and it shall be activated automatically for any domain or subdomain that you add/create in your Hepsia hosting CP. The firewall has 3 different modes, so you can switch on and disable it with simply a mouse click or set it to detection mode, so it will maintain a log of all attacks, but it will not do anything to prevent them. The log for any of your sites will include comprehensive info including the nature of the attack, where it came from, what action was taken by ModSecurity, and so forth. The firewall rules which we use are regularly updated and consist of both commercial ones which we get from a third-party security company and custom ones that our system administrators add in the event that they detect a new type of attacks. That way, the Internet sites you host here will be way more protected with no action required on your end.

ModSecurity in Semi-dedicated Servers

ModSecurity is part of our semi-dedicated server packages and if you opt to host your sites with us, there won't be anything special you'll need to do as the firewall is activated by default for all domains and subdomains that you add using your hosting CP. If necessary, you can disable ModSecurity for a certain website or switch on the so-called detection mode in which case the firewall will still work and record data, but will not do anything to stop possible attacks against your Internet sites. Thorough logs will be readily available within your CP and you'll be able to see what type of attacks occurred, what security rules were triggered and how the firewall handled the threats, what Internet protocol addresses the attacks originated from, etc. We employ 2 types of rules on our servers - commercial ones from a company which operates in the field of web security, and customized ones which our administrators sometimes include to respond to newly discovered threats in a timely manner.

ModSecurity in VPS Servers

All VPS servers which are set up with the Hepsia CP feature ModSecurity. The firewall is installed and activated by default for all domains that are hosted on the server, so there will not be anything special that you will have to do to protect your sites. It'll take you just a click to stop ModSecurity if necessary or to switch on its passive mode so that it records what goes on without taking any actions to stop intrusions. You'll be able to view the logs created in passive or active mode via the corresponding section of Hepsia and discover more about the form of the attack, where it originated from, what rule the firewall used to deal with it, and so on. We employ a mix of commercial and custom rules so as to make certain that ModSecurity shall stop as many risks as possible, consequently improving the protection of your web programs as much as possible.

ModSecurity in Dedicated Servers

All of our dedicated servers that are installed with the Hepsia hosting Control Panel include ModSecurity, so any app which you upload or install shall be secured from the very beginning and you won't need to worry about common attacks or vulnerabilities. An individual section within Hepsia will allow you to start or stop the firewall for each domain or subdomain, or turn on a detection mode so that it records information regarding intrusions, but does not take actions to stop them. What you'll see in the logs can allow you to to secure your Internet sites better - the IP an attack originated from, what site was attacked and how, what ModSecurity rule was triggered, and so forth. With this info, you could see if a website needs an update, if you need to block IPs from accessing your web server, and so on. On top of the third-party commercial security rules for ModSecurity which we use, our admins include custom ones as well whenever they find a new threat that is not yet a part of the commercial bundle.