ModSecurity is a plugin for Apache web servers that acts as a web application layer firewall. It is used to stop attacks towards script-driven websites through the use of security rules that contain particular expressions. This way, the firewall can prevent hacking and spamming attempts and shield even Internet sites which aren't updated frequently. As an example, multiple failed login attempts to a script administrator area or attempts to execute a specific file with the intention to get access to the script shall trigger particular rules, so ModSecurity shall stop these activities the second it discovers them. The firewall is extremely efficient since it screens the whole HTTP traffic to a site in real time without slowing it down, so it can stop an attack before any harm is done. It additionally maintains a very detailed log of all attack attempts that contains more information than typical Apache logs, so you can later analyze the data and take extra measures to enhance the security of your Internet sites if necessary.

ModSecurity in Web Hosting

We provide ModSecurity with all web hosting packages, so your web applications will be resistant to malicious attacks. The firewall is switched on as standard for all domains and subdomains, but if you would like, you'll be able to stop it via the respective area of your Hepsia Control Panel. You'll be able to also switch on a detection mode, so ModSecurity will keep a log as intended, but will not take any action. The logs that you'll find inside Hepsia are extremely detailed and include information about the nature of any attack, when it happened and from what IP, the firewall rule that was triggered, etc. We employ a range of commercial rules that are frequently updated, but sometimes our administrators add custom rules as well in order to better protect the websites hosted on our machines.

ModSecurity in Semi-dedicated Hosting

All semi-dedicated hosting packages which we offer feature ModSecurity and since the firewall is enabled by default, any website that you set up under a domain or a subdomain shall be protected right away. An individual section inside the Hepsia Control Panel which comes with the semi-dedicated accounts is dedicated to ModSecurity and it'll enable you to start and stop the firewall for any Internet site or switch on a detection mode. With the last option, ModSecurity won't take any action, but it'll still identify possible attacks and will keep all info within a log as if it were completely active. The logs could be found within the exact same section of the Control Panel and they offer specifics about the IP where an attack came from, what its nature was, what rule ModSecurity applies to identify and stop it, and so on. The security rules which we employ on our web servers are a mix of commercial ones from a security company and custom ones created by our system admins. As a result, we provide increased security for your web applications as we can protect them from attacks before security businesses release updates for brand new threats.

ModSecurity in Dedicated Web Hosting

When you choose to host your Internet sites on a dedicated server with the Hepsia Control Panel, your web programs will be secured immediately as ModSecurity is provided with all Hepsia-based solutions. You shall be able to manage the firewall effortlessly and if necessary, you'll be able to turn it off or switch on its passive mode when it'll only maintain a log of what's happening without taking any action to prevent possible attacks. The logs which you'll find inside the same section of the CP are really detailed and contain data about the attacker IP address, what site and file were attacked and in what ways, what rule the firewall employed to stop the intrusion, etc. This information will permit you to take measures and increase the protection of your Internet sites even more. To be on the safe side, we use not just commercial rules, but also custom-made ones that our admins add when they recognize attacks that haven't yet been included within the commercial pack.