ModSecurity is a plugin for Apache web servers that functions as a web application layer firewall. It is employed to stop attacks toward script-driven websites through the use of security rules which contain certain expressions. That way, the firewall can prevent hacking and spamming attempts and preserve even Internet sites that are not updated regularly. For instance, a number of unsuccessful login attempts to a script administrator area or attempts to execute a certain file with the intention to get access to the script shall trigger specific rules, so ModSecurity will block these activities the moment it discovers them. The firewall is quite efficient as it tracks the whole HTTP traffic to a website in real time without slowing it down, so it can easily prevent an attack before any damage is done. It also maintains an incredibly thorough log of all attack attempts which includes more info than typical Apache logs, so you can later analyze the data and take additional measures to improve the security of your sites if needed.

ModSecurity in Cloud Hosting

ModSecurity is supplied with all cloud hosting servers, so if you opt to host your sites with our organization, they'll be resistant to an array of attacks. The firewall is enabled as standard for all domains and subdomains, so there'll be nothing you'll have to do on your end. You'll be able to stop ModSecurity for any Internet site if required, or to activate a detection mode, so that all activity will be recorded, but the firewall won't take any real action. You shall be able to view detailed logs from your Hepsia Control Panel including the IP where the attack came from, what the attacker wished to do and how ModSecurity addressed the threat. As we take the safety of our customers' sites very seriously, we use a collection of commercial rules that we get from one of the best firms that maintain such rules. Our admins also add custom rules to ensure that your websites will be protected against as many risks as possible.

ModSecurity in Semi-dedicated Hosting

ModSecurity is part of our semi-dedicated hosting solutions and if you choose to host your websites with us, there shall not be anything special you will have to do as the firewall is activated by default for all domains and subdomains that you include via your hosting Control Panel. If needed, you can disable ModSecurity for a certain site or switch on the so-called detection mode in which case the firewall shall still work and record info, but won't do anything to prevent potential attacks on your Internet sites. Detailed logs shall be available within your Control Panel and you'll be able to see which kind of attacks happened, what security rules were triggered and how the firewall addressed the threats, what IP addresses the attacks came from, etc. We employ 2 kinds of rules on our servers - commercial ones from a business that operates in the field of web security, and custom made ones which our administrators sometimes include to respond to newly discovered threats promptly.

ModSecurity in VPS Hosting

Protection is very important to us, so we install ModSecurity on all virtual private servers that are provided with the Hepsia Control Panel by default. The firewall can be managed through a dedicated section in Hepsia and is switched on automatically when you add a new domain or generate a subdomain, so you won't have to do anything by hand. You'll also be able to disable it or turn on the so-called detection mode, so it will keep a log of potential attacks that you can later analyze, but shall not stop them. The logs in both passive and active modes include information regarding the kind of the attack and how it was prevented, what IP it came from and other useful data which may help you to tighten the security of your Internet sites by updating them or blocking IPs, for example. On top of the commercial rules that we get for ModSecurity from a third-party security company, we also employ our own rules since once in a while we discover specific attacks that are not yet present in the commercial group. This way, we can boost the protection of your VPS in a timely manner instead of awaiting a certified update.

ModSecurity in Dedicated Web Hosting

All our dedicated servers which are installed with the Hepsia hosting Control Panel come with ModSecurity, so any application you upload or install will be properly secured from the very beginning and you'll not have to stress about common attacks or vulnerabilities. A separate section within Hepsia will allow you to start or stop the firewall for every domain or subdomain, or turn on a detection mode so that it records details about intrusions, but doesn't take actions to prevent them. What you will see in the logs can easily enable you to to secure your websites better - the IP an attack came from, what website was attacked as well as how, what ModSecurity rule was triggered, etcetera. With this info, you'll be able to see if a site needs an update, whether you ought to block IPs from accessing your web server, etc. In addition to the third-party commercial security rules for ModSecurity we use, our admins include custom ones too if they discover a new threat that's not yet a part of the commercial bundle.