ModSecurity is a plugin for Apache web servers which acts as a web application layer firewall. It is employed to prevent attacks against script-driven Internet sites through the use of security rules that contain particular expressions. This way, the firewall can stop hacking and spamming attempts and preserve even Internet sites which aren't updated frequently. For example, a number of unsuccessful login attempts to a script administrator area or attempts to execute a particular file with the intention to get access to the script shall trigger particular rules, so ModSecurity will block these activities the instant it detects them. The firewall is quite efficient as it screens the entire HTTP traffic to a site in real time without slowing it down, so it could stop an attack before any harm is done. It also keeps an incredibly thorough log of all attack attempts that features more info than standard Apache logs, so you could later check out the data and take additional measures to improve the security of your websites if necessary.

ModSecurity in Shared Website Hosting

ModSecurity is available with each and every shared website hosting package that we provide and it's turned on by default for any domain or subdomain which you add through your Hepsia CP. If it disrupts any of your apps or you would like to disable it for some reason, you will be able to do this through the ModSecurity area of Hepsia with just a click. You may also enable a passive mode, so the firewall will recognize potential attacks and maintain a log, but won't take any action. You could view comprehensive logs in the very same section, including the IP address where the attack originated from, what precisely the attacker aimed to do and at what time, what ModSecurity did, and so on. For optimum security of our clients we use a set of commercial firewall rules combined with custom ones that are included by our system admins.

ModSecurity in Semi-dedicated Hosting

ModSecurity is a part of our semi-dedicated hosting packages and if you choose to host your sites with our company, there will not be anything special you will have to do given that the firewall is switched on by default for all domains and subdomains that you include through your hosting Control Panel. If necessary, you'll be able to disable ModSecurity for a given Internet site or turn on the so-called detection mode in which case the firewall shall still operate and record data, but won't do anything to prevent possible attacks on your websites. In depth logs will be available inside your CP and you shall be able to see which kind of attacks occurred, what security rules were triggered and how the firewall handled the threats, what IP addresses the attacks came from, and so forth. We employ two kinds of rules on our servers - commercial ones from a firm which operates in the field of web security, and custom ones which our administrators often include to respond to newly found threats promptly.

ModSecurity in VPS Web Hosting

ModSecurity is pre-installed on all virtual private servers which are set up with the Hepsia hosting CP, so your web programs shall be secured from the second your server is in a position. The firewall is activated by default for any domain or subdomain on the VPS, but if required, you'll be able to deactivate it with a click via the corresponding section of Hepsia. You could also set it to function in detection mode, so it will keep a comprehensive log of any potential attacks without taking any action to stop them. The logs can be found in the very same section and offer information regarding the nature of the attack, what IP it originated from and what ModSecurity rule was activated to stop it. For best security, we employ not only commercial rules from a company working in the field of web security, but also custom ones that our administrators add manually in order to respond to new threats which are still not dealt with in the commercial rules.

ModSecurity in Dedicated Servers Hosting

If you choose to host your Internet sites on a dedicated server with the Hepsia Control Panel, your web applications shall be secured right away as ModSecurity is available with all Hepsia-based packages. You will be able to regulate the firewall without difficulty and if needed, you'll be able to turn it off or switch on its passive mode when it shall only maintain a log of what's occurring without taking any action to prevent potential attacks. The logs which you'll find in the same section of the CP are very detailed and feature details about the attacker IP, what website and file were attacked and in what ways, what rule the firewall used to prevent the intrusion, etcetera. This info shall enable you to take measures and increase the protection of your Internet sites even more. To be on the safe side, we employ not only commercial rules, but also custom-made ones which our administrators add every time they identify attacks that haven't yet been included in the commercial pack.