ModSecurity is a plugin for Apache web servers that acts as a web application layer firewall. It is used to prevent attacks toward script-driven websites by employing security rules which contain particular expressions. That way, the firewall can stop hacking and spamming attempts and preserve even websites which are not updated frequently. For instance, a number of failed login attempts to a script administrative area or attempts to execute a specific file with the intention to get access to the script will trigger specific rules, so ModSecurity will block out these activities the minute it identifies them. The firewall is very efficient because it tracks the whole HTTP traffic to a website in real time without slowing it down, so it can easily stop an attack before any harm is done. It also keeps an incredibly thorough log of all attack attempts which features more info than typical Apache logs, so you can later analyze the data and take additional measures to boost the security of your websites if needed.

ModSecurity in Shared Website Hosting

ModSecurity is offered with each and every shared website hosting solution which we provide and it's activated by default for any domain or subdomain which you add through your Hepsia Control Panel. In the event that it interferes with any of your applications or you'd like to disable it for any reason, you shall be able to accomplish that through the ModSecurity area of Hepsia with simply a click. You could also activate a passive mode, so the firewall will detect possible attacks and maintain a log, but shall not take any action. You could view comprehensive logs in the exact same section, including the IP where the attack came from, exactly what the attacker attempted to do and at what time, what ModSecurity did, and so forth. For maximum safety of our clients we use a collection of commercial firewall rules blended with custom ones which are included by our system admins.

ModSecurity in Semi-dedicated Servers

All semi-dedicated server solutions which we offer come with ModSecurity and since the firewall is enabled by default, any Internet site that you create under a domain or a subdomain will be secured immediately. An individual section within the Hepsia CP that comes with the semi-dedicated accounts is devoted to ModSecurity and it'll allow you to start and stop the firewall for any site or switch on a detection mode. With the latter, ModSecurity won't take any action, but it will still detect possible attacks and shall keep all info within a log as if it were 100% active. The logs can be found within the exact same section of the Control Panel and they include information regarding the IP where an attack originated from, what its nature was, what rule ModSecurity applies to detect and stop it, and so on. The security rules we employ on our machines are a mix between commercial ones from a security business and custom ones made by our system admins. Consequently, we offer greater security for your web apps as we can shield them from attacks before security firms release updates for brand new threats.

ModSecurity in VPS Servers

ModSecurity is included with all Hepsia-based VPS servers we offer and it'll be activated automatically for any new domain or subdomain which you add on the server. That way, any web application which you install shall be secured right from the start without doing anything manually on your end. The firewall could be managed from the section of the CP which has the same name. This is the place in whichyou can switch off ModSecurity or activate its passive mode, so it will not take any action toward threats, but shall still maintain a comprehensive log. The recorded info is available inside the same area as well and you shall be able to see what IPs any attacks came from so that you block them, what the nature of the attempted attacks was and in accordance with what security rules ModSecurity responded. The rules that we employ on our servers are a combination between commercial ones that we get from a security company and custom ones that are added by our staff to maximize the protection of any web applications hosted on our end.

ModSecurity in Dedicated Servers

All our dedicated servers which are installed with the Hepsia hosting Control Panel feature ModSecurity, so any application you upload or set up shall be protected from the very beginning and you won't have to stress about common attacks or vulnerabilities. An individual section in Hepsia will allow you to start or stop the firewall for any domain or subdomain, or turn on a detection mode so that it records details about intrusions, but doesn't take actions to prevent them. What you shall find in the logs can allow you to to secure your Internet sites better - the IP an attack originated from, what site was attacked and in what way, what ModSecurity rule was triggered, and so on. With this information, you could see whether a website needs an update, whether you ought to block IPs from accessing your server, and so forth. In addition to the third-party commercial security rules for ModSecurity that we use, our administrators add custom ones too when they come across a new threat that's not yet included in the commercial bundle.