ModSecurity is a plugin for Apache web servers which functions as a web application layer firewall. It's used to stop attacks toward script-driven Internet sites through the use of security rules that contain specific expressions. In this way, the firewall can prevent hacking and spamming attempts and protect even sites that are not updated regularly. For example, a number of failed login attempts to a script admin area or attempts to execute a certain file with the intention to get access to the script will trigger particular rules, so ModSecurity shall block out these activities the second it identifies them. The firewall is incredibly efficient as it monitors the whole HTTP traffic to a site in real time without slowing it down, so it can prevent an attack before any harm is done. It furthermore maintains a very detailed log of all attack attempts which features more info than traditional Apache logs, so you can later analyze the data and take extra measures to increase the security of your Internet sites if necessary.

ModSecurity in Shared Website Hosting

ModSecurity comes standard with all shared website hosting solutions that we supply and it'll be turned on automatically for any domain or subdomain that you add/create in your Hepsia hosting Control Panel. The firewall has 3 different modes, so you can switch on and deactivate it with only a mouse click or set it to detection mode, so it will keep a log of all attacks, but it'll not do anything to prevent them. The log for any of your websites will include elaborate information such as the nature of the attack, where it came from, what action was taken by ModSecurity, and so forth. The firewall rules which we use are regularly updated and incorporate both commercial ones which we get from a third-party security company and custom ones our system admins include in the event that they detect a new type of attacks. That way, the websites that you host here will be far more secure without any action required on your end.

ModSecurity in Semi-dedicated Hosting

Any web app that you set up in your new semi-dedicated hosting account shall be protected by ModSecurity because the firewall comes with all our hosting packages and is turned on by default for any domain and subdomain which you include or create via your Hepsia hosting Control Panel. You shall be able to manage ModSecurity through a dedicated area in Hepsia where not only can you activate or deactivate it entirely, but you can also activate a passive mode, so the firewall will not block anything, but it'll still maintain a record of potential attacks. This takes simply a mouse click and you will be able to view the logs regardless if ModSecurity is in passive or active mode through the same section - what the attack was and where it originated from, how it was dealt with, and so forth. The firewall employs two sets of rules on our web servers - a commercial one which we get from a third-party web security firm and a custom one that our administrators update personally in order to respond to newly discovered risks as soon as possible.

ModSecurity in VPS Web Hosting

ModSecurity comes with all Hepsia-based virtual private servers that we offer and it shall be activated automatically for every new domain or subdomain you add on the hosting server. In this way, any web app which you install will be secured right away without doing anything by hand on your end. The firewall can be handled from the section of the Control Panel which bears the same name. This is the place in whichyou'll be able to disable ModSecurity or let its passive mode, so it will not take any action toward threats, but shall still keep a detailed log. The recorded data is available within the same section as well and you shall be able to see what IPs any attacks originated from so that you stop them, what the nature of the attempted attacks was and based upon what security rules ModSecurity reacted. The rules we use on our servers are a mixture between commercial ones that we obtain from a security firm and custom ones which are added by our admins to improve the security of any web apps hosted on our end.

ModSecurity in Dedicated Servers Hosting

All of our dedicated servers which are set up with the Hepsia hosting CP come with ModSecurity, so any program which you upload or set up will be properly secured from the very beginning and you will not have to worry about common attacks or vulnerabilities. An individual section in Hepsia will allow you to start or stop the firewall for any domain or subdomain, or switch on a detection mode so that it records info about intrusions, but doesn't take actions to stop them. What you shall find in the logs shall help you to secure your websites better - the IP an attack originated from, what website was attacked and in what way, what ModSecurity rule was triggered, and so on. With this information, you could see if a website needs an update, whether you ought to block IPs from accessing your web server, etc. On top of the third-party commercial security rules for ModSecurity that we use, our admins include custom ones as well every time they come across a new threat which is not yet included in the commercial bundle.