ModSecurity is a plugin for Apache web servers which acts as a web application layer firewall. It is employed to stop attacks towards script-driven websites by employing security rules which contain certain expressions. In this way, the firewall can block hacking and spamming attempts and preserve even sites that aren't updated frequently. As an example, multiple unsuccessful login attempts to a script administrator area or attempts to execute a particular file with the purpose to get access to the script shall trigger particular rules, so ModSecurity shall block out these activities the minute it identifies them. The firewall is extremely efficient as it monitors the whole HTTP traffic to a site in real time without slowing it down, so it could stop an attack before any harm is done. It also keeps an exceptionally thorough log of all attack attempts that contains more info than standard Apache logs, so you can later analyze the data and take extra measures to enhance the security of your Internet sites if required.

ModSecurity in Cloud Website Hosting

We offer ModSecurity with all cloud website hosting solutions, so your web applications will be resistant to malicious attacks. The firewall is turned on by default for all domains and subdomains, but in case you'd like, you shall be able to stop it using the respective part of your Hepsia Control Panel. You could also switch on a detection mode, so ModSecurity will keep a log as intended, but won't take any action. The logs which you will discover within Hepsia are incredibly detailed and offer information about the nature of any attack, when it transpired and from what IP, the firewall rule which was triggered, and so forth. We employ a range of commercial rules which are constantly updated, but sometimes our admins add custom rules as well so as to efficiently protect the websites hosted on our machines.

ModSecurity in Semi-dedicated Hosting

We have integrated ModSecurity by default within all semi-dedicated hosting products, so your web applications will be protected as soon as you set them up under any domain or subdomain. The Hepsia CP which comes with the semi-dedicated accounts shall permit you to activate or disable the firewall for any Internet site with a click. You will also have the ability to switch on a passive detection mode with which ModSecurity shall maintain a log of possible attacks without really stopping them. The comprehensive logs include the nature of the attack and what ModSecurity response that attack initiated, where it originated from, etcetera. The list of rules we use is frequently updated as to match any new threats that may appear on the Internet and it features both commercial rules that we get from a security corporation and custom-written ones which our admins include in the event that they discover a threat that's not present in the commercial list yet.

ModSecurity in VPS Web Hosting

ModSecurity is included with all Hepsia-based virtual private servers which we offer and it'll be switched on automatically for any new domain or subdomain you add on the server. That way, any web application that you install shall be protected right away without doing anything by hand on your end. The firewall may be handled via the section of the CP which has the same name. This is the area in whichyou can switch off ModSecurity or enable its passive mode, so it will not take any action toward threats, but shall still maintain a comprehensive log. The recorded data is available inside the same section as well and you will be able to see what IPs any attacks came from so that you can stop them, what the nature of the attempted attacks was and in accordance with what security rules ModSecurity responded. The rules we use on our servers are a blend between commercial ones we obtain from a security firm and custom ones which are added by our staff to optimize the protection of any web apps hosted on our end.

ModSecurity in Dedicated Servers Hosting

All of our dedicated servers that are installed with the Hepsia hosting Control Panel come with ModSecurity, so any app you upload or set up shall be secured from the very beginning and you won't need to stress about common attacks or vulnerabilities. An individual section within Hepsia will permit you to start or stop the firewall for every domain or subdomain, or activate a detection mode so that it records information regarding intrusions, but doesn't take actions to prevent them. What you shall discover in the logs can easily help you to secure your websites better - the IP address an attack came from, what website was attacked and exactly how, what ModSecurity rule was triggered, etc. With this info, you could see whether an Internet site needs an update, if you ought to block IPs from accessing your server, etcetera. Aside from the third-party commercial security rules for ModSecurity that we use, our administrators add custom ones too whenever they come across a new threat which is not yet a part of the commercial bundle.