ModSecurity is a plugin for Apache web servers that functions as a web app layer firewall. It is employed to stop attacks against script-driven websites by employing security rules that contain specific expressions. In this way, the firewall can stop hacking and spamming attempts and preserve even sites that are not updated regularly. For instance, numerous unsuccessful login attempts to a script administrator area or attempts to execute a particular file with the intention to get access to the script shall trigger certain rules, so ModSecurity shall stop these activities the instant it identifies them. The firewall is incredibly efficient as it monitors the entire HTTP traffic to an Internet site in real time without slowing it down, so it can easily stop an attack before any damage is done. It also keeps an exceptionally detailed log of all attack attempts that contains more information than typical Apache logs, so you could later check out the data and take additional measures to increase the security of your websites if needed.

ModSecurity in Cloud Hosting

ModSecurity comes standard with all cloud hosting plans which we offer and it will be activated automatically for any domain or subdomain that you add/create in your Hepsia hosting CP. The firewall has three different modes, so you'll be able to switch on and disable it with a mouse click or set it to detection mode, so it'll maintain a log of all attacks, but it will not do anything to prevent them. The log for any of your websites shall include in-depth information including the nature of the attack, where it originated from, what action was taken by ModSecurity, etc. The firewall rules that we use are regularly updated and incorporate both commercial ones we get from a third-party security firm and custom ones which our system administrators add in case that they detect a new sort of attacks. This way, the websites you host here shall be far more protected without any action needed on your end.

ModSecurity in Semi-dedicated Hosting

All semi-dedicated hosting packages that we offer include ModSecurity and given that the firewall is enabled by default, any site you create under a domain or a subdomain shall be protected straight away. A separate section within the Hepsia Control Panel which comes with the semi-dedicated accounts is devoted to ModSecurity and it'll enable you to stop and start the firewall for any website or enable a detection mode. With the last option, ModSecurity will not take any action, but it'll still recognize possible attacks and will keep all information within a log as if it were 100% active. The logs can be found in the exact same section of the CP and they feature information regarding the IP where an attack came from, what its nature was, what rule ModSecurity applies to identify and stop it, etcetera. The security rules we employ on our web servers are a mix between commercial ones from a security firm and custom ones created by our system administrators. As a result, we offer greater security for your web apps as we can shield them from attacks before security firms release updates for completely new threats.

ModSecurity in VPS

All virtual private servers which are set up with the Hepsia CP feature ModSecurity. The firewall is set up and turned on by default for all domains that are hosted on the machine, so there shall not be anything special which you'll have to do to protect your websites. It shall take you only a mouse click to stop ModSecurity if necessary or to turn on its passive mode so that it records what occurs without taking any actions to stop intrusions. You will be able to look at the logs created in active or passive mode through the corresponding section of Hepsia and discover more about the type of the attack, where it originated from, what rule the firewall used to take care of it, etcetera. We employ a combination of commercial and custom rules so as to make certain that ModSecurity will block out as many threats as possible, therefore enhancing the security of your web apps as much as possible.

ModSecurity in Dedicated Hosting

All our dedicated servers that are set up with the Hepsia hosting CP include ModSecurity, so any application which you upload or set up shall be secured from the very beginning and you will not have to worry about common attacks or vulnerabilities. An individual section in Hepsia will enable you to start or stop the firewall for each and every domain or subdomain, or turn on a detection mode so that it records info about intrusions, but doesn't take actions to prevent them. What you will discover in the logs can easily help you to secure your websites better - the IP address an attack came from, what site was attacked and in what way, what ModSecurity rule was triggered, etcetera. With this info, you could see if a site needs an update, whether you should block IPs from accessing your hosting server, etc. On top of the third-party commercial security rules for ModSecurity which we use, our admins include custom ones as well every time they discover a new threat that's not yet included in the commercial bundle.