ModSecurity is a plugin for Apache web servers which functions as a web application layer firewall. It's employed to prevent attacks towards script-driven Internet sites by employing security rules that contain certain expressions. That way, the firewall can block hacking and spamming attempts and preserve even sites which aren't updated frequently. As an example, a number of unsuccessful login attempts to a script admin area or attempts to execute a specific file with the intention to get access to the script will trigger certain rules, so ModSecurity shall block out these activities the minute it identifies them. The firewall is extremely efficient as it tracks the entire HTTP traffic to an Internet site in real time without slowing it down, so it will be able to stop an attack before any harm is done. It also maintains an exceptionally comprehensive log of all attack attempts that includes more info than standard Apache logs, so you can later analyze the data and take extra measures to increase the security of your sites if needed.

ModSecurity in Shared Hosting

ModSecurity comes by default with all shared hosting solutions which we offer and it'll be switched on automatically for any domain or subdomain you add/create in your Hepsia hosting Control Panel. The firewall has 3 different modes, so you can activate and disable it with just a mouse click or set it to detection mode, so it will keep a log of all attacks, but it'll not do anything to prevent them. The log for each of your Internet sites will include detailed info such as the nature of the attack, where it originated from, what action was taken by ModSecurity, and so on. The firewall rules which we use are constantly updated and include both commercial ones that we get from a third-party security firm and custom ones our system admins include in the event that they detect a new type of attacks. This way, the websites you host here shall be much more protected with no action expected on your end.

ModSecurity in Semi-dedicated Hosting

ModSecurity is a part of our semi-dedicated hosting solutions and if you choose to host your sites with our company, there shall not be anything special you'll have to do given that the firewall is activated by default for all domains and subdomains you add through your hosting CP. If needed, you could disable ModSecurity for a certain website or switch on the so-called detection mode in which case the firewall will still function and record information, but shall not do anything to stop possible attacks against your Internet sites. Thorough logs shall be available within your Control Panel and you shall be able to see what type of attacks happened, what security rules were triggered and how the firewall addressed the threats, what IP addresses the attacks originated from, etcetera. We use 2 kinds of rules on our servers - commercial ones from a company which operates in the field of web security, and custom made ones that our administrators often include to respond to newly identified risks promptly.

ModSecurity in VPS Hosting

ModSecurity is pre-installed on all virtual private servers that are set up with the Hepsia hosting CP, so your web programs shall be secured from the second your server is ready. The firewall is switched on by default for any domain or subdomain on the VPS, but if necessary, you'll be able to deactivate it with a click via the corresponding section of Hepsia. You could also set it to function in detection mode, so it shall maintain a comprehensive log of any possible attacks without taking any action to stop them. The logs are available within the very same section and offer info about the nature of the attack, what IP it came from and what ModSecurity rule was initiated to stop it. For best security, we employ not only commercial rules from a company operating in the field of web security, but also custom ones our admins add personally in order to react to new threats which are still not tackled in the commercial rules.

ModSecurity in Dedicated Web Hosting

When you opt to host your sites on a dedicated server with the Hepsia Control Panel, your web applications will be protected right from the start since ModSecurity is available with all Hepsia-based solutions. You'll be able to control the firewall easily and if required, you shall be able to turn it off or switch on its passive mode when it shall only maintain a log of what's taking place without taking any action to prevent potential attacks. The logs which you'll find inside the very same section of the Control Panel are really detailed and feature data about the attacker IP address, what site and file were attacked and in what way, what rule the firewall used to prevent the intrusion, etcetera. This information shall enable you to take measures and enhance the security of your sites even more. To be on the safe side, we employ not only commercial rules, but also custom-made ones which our administrators add whenever they detect attacks which have not yet been included within the commercial pack.