ModSecurity is a plugin for Apache web servers which acts as a web app layer firewall. It's used to prevent attacks toward script-driven Internet sites by using security rules that contain specific expressions. In this way, the firewall can block hacking and spamming attempts and protect even Internet sites that aren't updated often. As an example, multiple unsuccessful login attempts to a script administrative area or attempts to execute a certain file with the objective to get access to the script will trigger particular rules, so ModSecurity shall block these activities the second it identifies them. The firewall is extremely efficient as it screens the entire HTTP traffic to a site in real time without slowing it down, so it could stop an attack before any harm is done. It additionally keeps an incredibly thorough log of all attack attempts that features more info than conventional Apache logs, so you can later check out the data and take further measures to improve the security of your Internet sites if necessary.

ModSecurity in Hosting

ModSecurity is available on all hosting web servers, so if you opt to host your Internet sites with our company, they will be resistant to a wide range of attacks. The firewall is enabled as standard for all domains and subdomains, so there'll be nothing you will need to do on your end. You shall be able to stop ModSecurity for any site if necessary, or to switch on a detection mode, so that all activity will be recorded, but the firewall won't take any real action. You shall be able to view detailed logs through your Hepsia CP including the IP address where the attack originated from, what the attacker planned to do and how ModSecurity dealt with the threat. Since we take the protection of our customers' websites seriously, we employ a selection of commercial rules that we get from one of the top firms that maintain this sort of rules. Our admins also include custom rules to make certain that your websites will be protected against as many threats as possible.

ModSecurity in Semi-dedicated Hosting

ModSecurity is part of our semi-dedicated hosting packages and if you choose to host your sites with us, there won't be anything special you will have to do given that the firewall is switched on by default for all domains and subdomains you add via your hosting CP. If needed, you'll be able to disable ModSecurity for a given website or enable the so-called detection mode in which case the firewall will still function and record info, but shall not do anything to prevent possible attacks against your websites. Thorough logs will be available in your CP and you'll be able to see what sort of attacks took place, what security rules were triggered and how the firewall addressed the threats, what IP addresses the attacks originated from, etcetera. We employ 2 sorts of rules on our servers - commercial ones from a company which operates in the field of web security, and custom made ones which our administrators sometimes add to respond to newly found threats in a timely manner.

ModSecurity in VPS Hosting

ModSecurity comes with all Hepsia-based virtual private servers that we offer and it shall be switched on automatically for any new domain or subdomain that you add on the machine. This way, any web application which you install will be secured from the very beginning without doing anything manually on your end. The firewall may be handled through the section of the CP that has the same name. This is the location whereyou could disable ModSecurity or let its passive mode, so it won't take any action toward threats, but shall still maintain a detailed log. The recorded data is available inside the same section as well and you'll be able to see what IPs any attacks originated from so that you can block them, what the nature of the attempted attacks was and in accordance with what security rules ModSecurity responded. The rules we employ on our servers are a combination between commercial ones which we obtain from a security firm and custom ones that are added by our staff to improve the protection of any web apps hosted on our end.

ModSecurity in Dedicated Web Hosting

ModSecurity comes with all dedicated servers that are integrated with our Hepsia CP and you will not need to do anything specific on your end to employ it since it's activated by default each time you add a new domain or subdomain on your hosting server. In case it interferes with any of your programs, you will be able to stop it via the respective section of Hepsia, or you can leave it operating in passive mode, so it shall detect attacks and will still maintain a log for them, but won't stop them. You'll be able to analyze the logs later to learn what you can do to improve the security of your Internet sites as you will find details such as where an intrusion attempt came from, what Internet site was attacked and in accordance with what rule ModSecurity responded, and so on. The rules which we employ are commercial, therefore they're regularly updated by a security company, but to be on the safe side, our administrators also add custom rules once in a while as to respond to any new threats they have discovered.