ModSecurity is a plugin for Apache web servers which functions as a web application layer firewall. It's used to prevent attacks toward script-driven websites through the use of security rules which contain certain expressions. This way, the firewall can block hacking and spamming attempts and protect even Internet sites which are not updated frequently. As an example, multiple failed login attempts to a script admin area or attempts to execute a specific file with the objective to get access to the script will trigger particular rules, so ModSecurity will block these activities the second it detects them. The firewall is incredibly efficient as it screens the entire HTTP traffic to a website in real time without slowing it down, so it could prevent an attack before any harm is done. It also keeps an incredibly detailed log of all attack attempts which includes more information than standard Apache logs, so you can later check out the data and take additional measures to enhance the security of your sites if needed.

ModSecurity in Website Hosting

We provide ModSecurity with all website hosting solutions, so your web applications shall be resistant to harmful attacks. The firewall is activated as standard for all domains and subdomains, but if you would like, you'll be able to stop it via the respective part of your Hepsia Control Panel. You'll be able to also switch on a detection mode, so ModSecurity shall keep a log as intended, but shall not take any action. The logs which you'll find inside Hepsia are quite detailed and feature info about the nature of any attack, when it took place and from what IP, the firewall rule which was triggered, and so forth. We employ a range of commercial rules which are often updated, but sometimes our administrators add custom rules as well so as to efficiently protect the Internet sites hosted on our servers.

ModSecurity in Semi-dedicated Hosting

All semi-dedicated hosting plans which we offer include ModSecurity and since the firewall is turned on by default, any website which you build under a domain or a subdomain shall be secured right from the start. An independent section inside the Hepsia Control Panel which comes with the semi-dedicated accounts is dedicated to ModSecurity and it'll permit you to start and stop the firewall for any Internet site or switch on a detection mode. With the latter, ModSecurity shall not take any action, but it shall still detect possible attacks and shall keep all info in a log as if it were fully active. The logs can be found within the very same section of the CP and they feature specifics about the IP where an attack came from, what its nature was, what rule ModSecurity applies to identify and stop it, etc. The security rules that we employ on our machines are a mix of commercial ones from a security firm and custom ones developed by our system admins. As a result, we offer higher security for your web applications as we can defend them from attacks before security firms release updates for completely new threats.

ModSecurity in VPS Hosting

ModSecurity is pre-installed on all virtual private servers that are set up with the Hepsia hosting Control Panel, so your web apps shall be secured from the instant your server is in a position. The firewall is turned on by default for any domain or subdomain on the VPS, but if required, you could deactivate it with a click through the corresponding section of Hepsia. You can also set it to operate in detection mode, so it will keep a comprehensive log of any possible attacks without taking any action to stop them. The logs are available in the exact same section and provide information regarding the nature of the attack, what IP address it came from and what ModSecurity rule was initiated to stop it. For maximum security, we use not simply commercial rules from a firm working in the field of web security, but also custom ones our admins add personally so as to respond to new risks that are still not tackled in the commercial rules.

ModSecurity in Dedicated Web Hosting

If you choose to host your Internet sites on a dedicated server with the Hepsia CP, your web applications will be secured immediately since ModSecurity is supplied with all Hepsia-based solutions. You shall be able to manage the firewall effortlessly and if required, you shall be able to turn it off or enable its passive mode when it shall only keep a log of what is happening without taking any action to stop possible attacks. The logs that you'll find inside the very same section of the Control Panel are extremely detailed and include data about the attacker IP, what website and file were attacked and in what way, what rule the firewall employed to stop the intrusion, and so forth. This information shall enable you to take measures and improve the security of your websites even more. To be on the safe side, we employ not only commercial rules, but also custom-made ones that our admins include every time they recognize attacks that haven't yet been included inside the commercial pack.