ModSecurity is a plugin for Apache web servers which acts as a web application layer firewall. It is used to prevent attacks against script-driven websites through the use of security rules which contain certain expressions. That way, the firewall can block hacking and spamming attempts and preserve even Internet sites which are not updated often. For example, a number of unsuccessful login attempts to a script administrative area or attempts to execute a certain file with the objective to get access to the script will trigger specific rules, so ModSecurity will block these activities the instant it detects them. The firewall is quite efficient since it screens the whole HTTP traffic to a website in real time without slowing it down, so it can prevent an attack before any damage is done. It also keeps an exceptionally detailed log of all attack attempts which features more info than typical Apache logs, so you could later analyze the data and take extra measures to enhance the security of your sites if necessary.

ModSecurity in Cloud Website Hosting

ModSecurity comes standard with all cloud website hosting packages which we offer and it'll be activated automatically for any domain or subdomain that you add/create in your Hepsia hosting Control Panel. The firewall has three different modes, so you could switch on and deactivate it with simply a click or set it to detection mode, so it'll maintain a log of all attacks, but it'll not do anything to stop them. The log for any of your websites shall include in-depth information such as the nature of the attack, where it came from, what action was taken by ModSecurity, etc. The firewall rules we use are frequently updated and consist of both commercial ones which we get from a third-party security business and custom ones that our system administrators add in the event that they detect a new sort of attacks. In this way, the websites which you host here will be far more secure with no action needed on your end.

ModSecurity in Semi-dedicated Hosting

We've incorporated ModSecurity by default within all semi-dedicated hosting packages, so your web apps will be protected the instant you set them up under any domain or subdomain. The Hepsia CP that comes with the semi-dedicated accounts will permit you to activate or disable the firewall for any website with a mouse click. You'll also be able to switch on a passive detection mode with which ModSecurity will keep a log of potential attacks without actually preventing them. The thorough logs contain the nature of the attack and what ModSecurity response that attack generated, where it came from, and so forth. The list of rules that we employ is frequently updated in order to match any new risks that may appear on the Internet and it comes with both commercial rules that we get from a security corporation and custom-written ones that our administrators add in case they discover a threat that's not present within the commercial list yet.

ModSecurity in VPS

Safety is vital to us, so we set up ModSecurity on all virtual private servers that are made available with the Hepsia CP by default. The firewall could be managed via a dedicated section inside Hepsia and is activated automatically when you include a new domain or create a subdomain, so you won't have to do anything personally. You shall also be able to deactivate it or turn on the so-called detection mode, so it shall maintain a log of possible attacks that you can later examine, but will not prevent them. The logs in both passive and active modes offer details about the kind of the attack and how it was stopped, what IP address it originated from and other important information which might help you to tighten the security of your websites by updating them or blocking IPs, as an example. On top of the commercial rules we get for ModSecurity from a third-party security company, we also employ our own rules because every now and then we discover specific attacks that are not yet present in the commercial group. This way, we can easily boost the protection of your VPS promptly instead of awaiting an official update.

ModSecurity in Dedicated Hosting

When you decide to host your websites on a dedicated server with the Hepsia CP, your web programs will be protected straight away since ModSecurity is available with all Hepsia-based solutions. You will be able to manage the firewall effortlessly and if necessary, you shall be able to turn it off or enable its passive mode when it shall only maintain a log of what is going on without taking any action to prevent possible attacks. The logs that you will find in the exact same section of the Control Panel are quite detailed and feature data about the attacker IP, what site and file were attacked and in what way, what rule the firewall employed to prevent the intrusion, etc. This information will allow you to take measures and improve the security of your websites even more. To be on the safe side, we employ not only commercial rules, but also custom-made ones that our administrators include every time they detect attacks which have not yet been included within the commercial pack.