ModSecurity is a plugin for Apache web servers which functions as a web app layer firewall. It is employed to stop attacks toward script-driven websites by using security rules that contain particular expressions. In this way, the firewall can block hacking and spamming attempts and protect even sites which are not updated regularly. For example, numerous failed login attempts to a script administrator area or attempts to execute a specific file with the purpose to get access to the script shall trigger specific rules, so ModSecurity will block out these activities the second it identifies them. The firewall is extremely efficient because it screens the entire HTTP traffic to a website in real time without slowing it down, so it can easily stop an attack before any harm is done. It additionally keeps an exceptionally detailed log of all attack attempts that contains more information than traditional Apache logs, so you could later analyze the data and take additional measures to improve the security of your Internet sites if needed.

ModSecurity in Shared Hosting

We provide ModSecurity with all shared hosting packages, so your web apps shall be shielded from harmful attacks. The firewall is turned on by default for all domains and subdomains, but if you'd like, you'll be able to stop it through the respective part of your Hepsia CP. You could also activate a detection mode, so ModSecurity will keep a log as intended, but will not take any action. The logs which you will find inside Hepsia are quite detailed and feature data about the nature of any attack, when it happened and from what IP address, the firewall rule that was triggered, and so on. We employ a group of commercial rules that are constantly updated, but sometimes our administrators include custom rules as well in order to efficiently protect the sites hosted on our machines.

ModSecurity in Semi-dedicated Hosting

We have integrated ModSecurity as a standard in all semi-dedicated hosting products, so your web apps will be protected as soon as you install them under any domain or subdomain. The Hepsia Control Panel that comes with the semi-dedicated accounts will permit you to switch on or disable the firewall for any Internet site with a mouse click. You will also be able to turn on a passive detection mode in which ModSecurity will keep a log of possible attacks without really stopping them. The detailed logs include the nature of the attack and what ModSecurity response that attack activated, where it came from, etc. The list of rules which we employ is regularly updated as to match any new threats that could appear on the Internet and it consists of both commercial rules that we get from a security company and custom-written ones that our administrators include if they find a threat that is not present within the commercial list yet.

ModSecurity in VPS Web Hosting

Safety is of the utmost importance to us, so we set up ModSecurity on all virtual private servers that are provided with the Hepsia CP as a standard. The firewall can be managed via a dedicated section in Hepsia and is switched on automatically when you add a new domain or create a subdomain, so you will not need to do anything personally. You'll also be able to deactivate it or switch on the so-called detection mode, so it will keep a log of possible attacks which you can later examine, but won't block them. The logs in both passive and active modes include info about the type of the attack and how it was stopped, what IP it came from and other important information which might help you to tighten the security of your sites by updating them or blocking IPs, as an example. Beyond the commercial rules which we get for ModSecurity from a third-party security company, we also employ our own rules because from time to time we discover specific attacks which are not yet present in the commercial pack. This way, we can easily enhance the security of your VPS promptly instead of waiting for a certified update.

ModSecurity in Dedicated Servers Hosting

If you opt to host your websites on a dedicated server with the Hepsia CP, your web apps shall be protected right from the start because ModSecurity is available with all Hepsia-based plans. You'll be able to manage the firewall effortlessly and if required, you will be able to turn it off or switch on its passive mode when it will only keep a log of what is going on without taking any action to stop potential attacks. The logs that you'll find inside the very same section of the CP are incredibly detailed and feature info about the attacker IP address, what site and file were attacked and in what ways, what rule the firewall employed to stop the intrusion, etcetera. This info shall permit you to take measures and enhance the security of your sites even more. To be on the safe side, we use not only commercial rules, but also custom-made ones which our staff add when they identify attacks which haven't yet been included within the commercial pack.