ModSecurity is a plugin for Apache web servers that acts as a web application layer firewall. It is used to prevent attacks against script-driven sites through the use of security rules that contain specific expressions. In this way, the firewall can block hacking and spamming attempts and shield even websites which are not updated on a regular basis. As an example, multiple failed login attempts to a script admin area or attempts to execute a certain file with the purpose to get access to the script will trigger specific rules, so ModSecurity shall block out these activities the instant it identifies them. The firewall is quite efficient as it monitors the whole HTTP traffic to an Internet site in real time without slowing it down, so it will be able to prevent an attack before any harm is done. It also keeps an incredibly detailed log of all attack attempts that contains more info than conventional Apache logs, so you could later examine the data and take extra measures to increase the security of your Internet sites if required.

ModSecurity in Cloud Website Hosting

ModSecurity is provided with all cloud website hosting web servers, so if you choose to host your websites with our business, they shall be resistant to an array of attacks. The firewall is turned on as standard for all domains and subdomains, so there shall be nothing you'll have to do on your end. You will be able to stop ModSecurity for any website if required, or to activate a detection mode, so all activity shall be recorded, but the firewall won't take any real action. You shall be able to view specific logs through your Hepsia CP including the IP address where the attack originated from, what the attacker planned to do and how ModSecurity dealt with the threat. As we take the protection of our clients' sites very seriously, we use a set of commercial rules that we take from one of the top companies which maintain this kind of rules. Our administrators also add custom rules to make certain that your Internet sites shall be protected against as many risks as possible.

ModSecurity in Semi-dedicated Servers

ModSecurity is part of our semi-dedicated server solutions and if you decide to host your websites with our company, there will not be anything special you'll have to do since the firewall is activated by default for all domains and subdomains that you include via your hosting Control Panel. If necessary, you can disable ModSecurity for a particular Internet site or activate the so-called detection mode in which case the firewall will still operate and record info, but won't do anything to prevent potential attacks against your Internet sites. In depth logs will be accessible in your CP and you will be able to see what sort of attacks occurred, what security rules were triggered and how the firewall addressed the threats, what IP addresses the attacks came from, etc. We employ 2 types of rules on our servers - commercial ones from a firm which operates in the field of web security, and custom ones that our admins occasionally add to respond to newly identified threats on time.

ModSecurity in VPS Servers

All VPS servers that are set up with the Hepsia Control Panel include ModSecurity. The firewall is installed and turned on by default for all domains which are hosted on the machine, so there will not be anything special which you will have to do to protect your Internet sites. It will take you only a click to stop ModSecurity if required or to turn on its passive mode so that it records what goes on without taking any steps to stop intrusions. You'll be able to look at the logs generated in active or passive mode from the corresponding section of Hepsia and discover more about the type of the attack, where it originated from, what rule the firewall employed to take care of it, and so on. We use a mix of commercial and custom rules so as to ensure that ModSecurity will block as many risks as possible, therefore enhancing the protection of your web programs as much as possible.

ModSecurity in Dedicated Servers

When you opt to host your websites on a dedicated server with the Hepsia CP, your web programs shall be protected right away since ModSecurity is supplied with all Hepsia-based plans. You shall be able to manage the firewall with ease and if needed, you shall be able to turn it off or switch on its passive mode when it'll only maintain a log of what's taking place without taking any action to stop possible attacks. The logs that you will find in the very same section of the Control Panel are incredibly detailed and include details about the attacker IP address, what site and file were attacked and in what ways, what rule the firewall employed to prevent the intrusion, and so on. This info shall enable you to take measures and improve the protection of your sites even more. To be on the safe side, we use not just commercial rules, but also custom-made ones which our administrators add every time they detect attacks that have not yet been included within the commercial pack.