ModSecurity is a plugin for Apache web servers which acts as a web app layer firewall. It is used to prevent attacks towards script-driven Internet sites by using security rules that contain specific expressions. This way, the firewall can stop hacking and spamming attempts and preserve even Internet sites which aren't updated frequently. As an example, a number of unsuccessful login attempts to a script administrator area or attempts to execute a particular file with the objective to get access to the script will trigger certain rules, so ModSecurity will block these activities the instant it identifies them. The firewall is extremely efficient because it monitors the whole HTTP traffic to a site in real time without slowing it down, so it will be able to stop an attack before any damage is done. It also maintains an incredibly detailed log of all attack attempts which contains more information than conventional Apache logs, so you could later analyze the data and take additional measures to increase the security of your sites if required.

ModSecurity in Cloud Website Hosting

ModSecurity is provided with all cloud website hosting servers, so if you opt to host your websites with our firm, they'll be shielded from a wide range of attacks. The firewall is enabled as standard for all domains and subdomains, so there shall be nothing you'll have to do on your end. You shall be able to stop ModSecurity for any website if needed, or to activate a detection mode, so all activity will be recorded, but the firewall won't take any real action. You will be able to view comprehensive logs via your Hepsia Control Panel including the IP address where the attack originated from, what the attacker wanted to do and how ModSecurity addressed the threat. Since we take the security of our clients' websites seriously, we employ a selection of commercial rules that we take from one of the leading firms that maintain this type of rules. Our administrators also include custom rules to ensure that your websites will be resistant to as many risks as possible.

ModSecurity in Semi-dedicated Hosting

Any web application that you set up in your new semi-dedicated hosting account shall be protected by ModSecurity as the firewall comes with all our hosting solutions and is turned on by default for any domain and subdomain that you add or create using your Hepsia hosting Control Panel. You will be able to manage ModSecurity via a dedicated section within Hepsia where not simply could you activate or deactivate it entirely, but you may also activate a passive mode, so the firewall won't block anything, but it shall still maintain an archive of potential attacks. This takes only a mouse click and you will be able to look at the logs regardless if ModSecurity is in passive or active mode through the same section - what the attack was and where it came from, how it was dealt with, etc. The firewall employs 2 sets of rules on our machines - a commercial one that we get from a third-party web security company and a custom one which our administrators update personally as to respond to recently discovered risks as quickly as possible.

ModSecurity in VPS

ModSecurity is pre-installed on all virtual private servers that are offered with the Hepsia hosting CP, so your web programs shall be protected from the moment your server is ready. The firewall is turned on by default for any domain or subdomain on the Virtual Private Server, but if required, you'll be able to disable it with a mouse click via the corresponding section of Hepsia. You can also set it to operate in detection mode, so it'll keep a comprehensive log of any potential attacks without taking any action to prevent them. The logs can be found inside the very same section and offer information regarding the nature of the attack, what IP address it came from and what ModSecurity rule was initiated to stop it. For maximum security, we use not only commercial rules from a company operating in the field of web security, but also custom ones that our admins include manually so as to react to new risks that are still not tackled in the commercial rules.

ModSecurity in Dedicated Hosting

All our dedicated servers that are set up with the Hepsia hosting CP feature ModSecurity, so any app which you upload or install shall be properly secured from the very beginning and you'll not need to stress about common attacks or vulnerabilities. A separate section within Hepsia will enable you to start or stop the firewall for each domain or subdomain, or switch on a detection mode so that it records details about intrusions, but doesn't take actions to stop them. What you'll find in the logs shall enable you to to secure your sites better - the IP address an attack originated from, what site was attacked and exactly how, what ModSecurity rule was triggered, and so on. With this info, you can see if an Internet site needs an update, whether you need to block IPs from accessing your server, and so forth. In addition to the third-party commercial security rules for ModSecurity which we use, our admins add custom ones as well when they come across a new threat that's not yet included in the commercial bundle.