ModSecurity is a plugin for Apache web servers which functions as a web app layer firewall. It is employed to prevent attacks toward script-driven sites by employing security rules which contain particular expressions. In this way, the firewall can prevent hacking and spamming attempts and protect even websites which are not updated often. For instance, numerous unsuccessful login attempts to a script administrator area or attempts to execute a certain file with the objective to get access to the script will trigger particular rules, so ModSecurity shall block out these activities the minute it discovers them. The firewall is very efficient because it monitors the whole HTTP traffic to an Internet site in real time without slowing it down, so it could stop an attack before any damage is done. It also keeps a very comprehensive log of all attack attempts that contains more info than conventional Apache logs, so you could later examine the data and take additional measures to enhance the security of your sites if required.

ModSecurity in Website Hosting

ModSecurity is available on all website hosting web servers, so when you decide to host your Internet sites with our company, they'll be protected against an array of attacks. The firewall is turned on by default for all domains and subdomains, so there shall be nothing you shall need to do on your end. You will be able to stop ModSecurity for any website if necessary, or to enable a detection mode, so all activity shall be recorded, but the firewall won't take any real action. You will be able to view comprehensive logs from your Hepsia Control Panel including the IP address where the attack came from, what the attacker wanted to do and how ModSecurity dealt with the threat. Since we take the security of our customers' websites very seriously, we use a collection of commercial rules which we get from one of the top companies which maintain this type of rules. Our admins also include custom rules to make certain that your websites shall be protected against as many threats as possible.

ModSecurity in Semi-dedicated Hosting

Any web app which you install inside your new semi-dedicated hosting account shall be protected by ModSecurity since the firewall comes with all our hosting plans and is activated by default for any domain and subdomain that you include or create via your Hepsia hosting Control Panel. You'll be able to manage ModSecurity through a dedicated area inside Hepsia where not simply can you activate or deactivate it entirely, but you could also switch on a passive mode, so the firewall won't stop anything, but it'll still keep a record of possible attacks. This takes just a mouse click and you will be able to look at the logs no matter if ModSecurity is in active or passive mode through the same section - what the attack was and where it came from, how it was taken care of, etcetera. The firewall uses two groups of rules on our machines - a commercial one which we get from a third-party web security company and a custom one that our administrators update manually in order to respond to recently discovered threats immediately.

ModSecurity in VPS Web Hosting

ModSecurity is provided with all Hepsia-based virtual private servers that we offer and it shall be activated automatically for any new domain or subdomain that you include on the hosting server. That way, any web app you install shall be protected right away without doing anything personally on your end. The firewall may be handled through the section of the Control Panel which bears the same name. This is the place whereyou'll be able to turn off ModSecurity or let its passive mode, so it will not take any action toward threats, but shall still maintain a comprehensive log. The recorded data is available within the same area as well and you'll be able to see what IPs any attacks came from to enable you to stop them, what the nature of the attempted attacks was and in accordance with what security rules ModSecurity reacted. The rules which we employ on our servers are a mix between commercial ones which we obtain from a security organization and custom ones that are added by our admins to optimize the protection of any web apps hosted on our end.

ModSecurity in Dedicated Servers Hosting

ModSecurity comes with all dedicated servers which are integrated with our Hepsia Control Panel and you'll not have to do anything specific on your end to employ it because it's activated by default whenever you include a new domain or subdomain on your hosting server. In the event that it interferes with any of your applications, you'll be able to stop it via the respective area of Hepsia, or you may leave it working in passive mode, so it shall recognize attacks and shall still keep a log for them, but shall not block them. You can look at the logs later to determine what you can do to improve the protection of your sites since you'll find details such as where an intrusion attempt originated from, what Internet site was attacked and based upon what rule ModSecurity responded, and so on. The rules that we employ are commercial, therefore they are frequently updated by a security firm, but to be on the safe side, our admins also include custom rules every now and then in order to deal with any new threats they have found.