ModSecurity is a plugin for Apache web servers that acts as a web application layer firewall. It is employed to prevent attacks against script-driven sites through the use of security rules that contain particular expressions. That way, the firewall can prevent hacking and spamming attempts and preserve even sites which are not updated regularly. For example, numerous unsuccessful login attempts to a script administrative area or attempts to execute a particular file with the objective to get access to the script will trigger specific rules, so ModSecurity will block these activities the second it identifies them. The firewall is extremely efficient since it screens the whole HTTP traffic to an Internet site in real time without slowing it down, so it will be able to stop an attack before any damage is done. It also maintains an incredibly thorough log of all attack attempts which contains more information than conventional Apache logs, so you could later examine the data and take extra measures to boost the security of your Internet sites if needed.

ModSecurity in Cloud Hosting

ModSecurity is provided with all cloud hosting servers, so if you opt to host your websites with our firm, they will be resistant to a wide array of attacks. The firewall is enabled as standard for all domains and subdomains, so there'll be nothing you will have to do on your end. You will be able to stop ModSecurity for any website if necessary, or to enable a detection mode, so that all activity shall be recorded, but the firewall will not take any real action. You will be able to view specific logs via your Hepsia CP including the IP where the attack originated from, what the attacker planned to do and how ModSecurity addressed the threat. As we take the protection of our clients' sites very seriously, we use a set of commercial rules that we get from one of the top companies which maintain this sort of rules. Our admins also add custom rules to ensure that your websites shall be protected against as many risks as possible.

ModSecurity in Semi-dedicated Hosting

ModSecurity is part of our semi-dedicated hosting plans and if you opt to host your sites with our company, there shall not be anything special you'll need to do as the firewall is turned on by default for all domains and subdomains that you include using your hosting Control Panel. If needed, you could disable ModSecurity for a given website or turn on the so-called detection mode in which case the firewall shall still operate and record info, but shall not do anything to stop possible attacks against your sites. In depth logs shall be available in your Control Panel and you shall be able to see which kind of attacks took place, what security rules were triggered and how the firewall addressed the threats, what IP addresses the attacks came from, and so forth. We employ 2 types of rules on our servers - commercial ones from a business that operates in the field of web security, and customized ones which our administrators occasionally include to respond to newly discovered risks on time.

ModSecurity in VPS Hosting

Protection is essential to us, so we set up ModSecurity on all virtual private servers that are provided with the Hepsia Control Panel as a standard. The firewall can be managed via a dedicated section within Hepsia and is activated automatically when you add a new domain or generate a subdomain, so you will not have to do anything personally. You'll also be able to disable it or switch on the so-called detection mode, so it'll keep a log of possible attacks you can later examine, but shall not stop them. The logs in both passive and active modes include info about the kind of the attack and how it was eliminated, what IP address it originated from and other valuable information that may help you to tighten the security of your websites by updating them or blocking IPs, for instance. Besides the commercial rules we get for ModSecurity from a third-party security enterprise, we also employ our own rules as from time to time we find specific attacks which aren't yet present inside the commercial group. This way, we could improve the protection of your Virtual private server right away instead of waiting for an official update.

ModSecurity in Dedicated Web Hosting

All of our dedicated servers that are set up with the Hepsia hosting CP include ModSecurity, so any program which you upload or install will be properly secured from the very beginning and you'll not need to stress about common attacks or vulnerabilities. An independent section inside Hepsia will allow you to start or stop the firewall for each and every domain or subdomain, or switch on a detection mode so that it records info about intrusions, but doesn't take actions to prevent them. What you will find in the logs can enable you to to secure your websites better - the IP an attack originated from, what website was attacked and how, what ModSecurity rule was triggered, and so on. With this info, you could see whether a website needs an update, whether you should block IPs from accessing your web server, etcetera. Besides the third-party commercial security rules for ModSecurity which we use, our admins include custom ones too when they come across a new threat that is not yet included in the commercial bundle.