ModSecurity is a plugin for Apache web servers that acts as a web application layer firewall. It's used to stop attacks toward script-driven sites through the use of security rules that contain particular expressions. In this way, the firewall can block hacking and spamming attempts and protect even sites which are not updated frequently. For instance, several unsuccessful login attempts to a script administrative area or attempts to execute a certain file with the objective to get access to the script will trigger specific rules, so ModSecurity shall block these activities the moment it identifies them. The firewall is incredibly efficient because it screens the whole HTTP traffic to an Internet site in real time without slowing it down, so it could stop an attack before any damage is done. It additionally keeps a very detailed log of all attack attempts which features more information than conventional Apache logs, so you could later check out the data and take additional measures to increase the security of your Internet sites if needed.

ModSecurity in Hosting

ModSecurity can be found with every hosting solution which we provide and it's activated by default for every domain or subdomain that you include through your Hepsia CP. In case it interferes with any of your programs or you would like to disable it for some reason, you will be able to achieve that through the ModSecurity area of Hepsia with simply a click. You may also activate a passive mode, so the firewall will identify possible attacks and keep a log, but will not take any action. You'll be able to view extensive logs in the exact same section, including the IP where the attack originated from, what exactly the attacker aimed to do and at what time, what ModSecurity did, etc. For optimum safety of our customers we use a collection of commercial firewall rules mixed with custom ones that are provided by our system admins.

ModSecurity in Semi-dedicated Servers

All semi-dedicated server solutions which we offer include ModSecurity and because the firewall is switched on by default, any site which you build under a domain or a subdomain will be protected immediately. An independent section within the Hepsia Control Panel which comes with the semi-dedicated accounts is devoted to ModSecurity and it'll permit you to start and stop the firewall for any site or activate a detection mode. With the latter, ModSecurity shall not take any action, but it will still recognize possible attacks and will keep all information inside a log as if it were fully active. The logs can be found in the very same section of the CP and they feature information regarding the IP where an attack came from, what its nature was, what rule ModSecurity applies to recognize and stop it, and so on. The security rules which we employ on our servers are a mix of commercial ones from a security firm and custom ones developed by our system administrators. Consequently, we offer increased security for your web applications as we can protect them from attacks before security businesses release updates for completely new threats.

ModSecurity in VPS Servers

ModSecurity is provided with all Hepsia-based VPS servers we offer and it'll be switched on automatically for any new domain or subdomain which you add on the web server. This way, any web app you install shall be protected right from the start without doing anything by hand on your end. The firewall can be handled through the section of the Control Panel that bears the same name. This is the location whereyou'll be able to turn off ModSecurity or let its passive mode, so it will not take any action towards threats, but shall still maintain a thorough log. The recorded info is available in the same area as well and you'll be able to see what IPs any attacks came from so that you can stop them, what the nature of the attempted attacks was and based on what security rules ModSecurity reacted. The rules we use on our servers are a blend between commercial ones we obtain from a security organization and custom ones which are included by our staff to maximize the security of any web apps hosted on our end.

ModSecurity in Dedicated Servers

If you choose to host your Internet sites on a dedicated server with the Hepsia Control Panel, your web applications shall be secured right from the start because ModSecurity is supplied with all Hepsia-based plans. You shall be able to regulate the firewall easily and if needed, you'll be able to turn it off or activate its passive mode when it shall only maintain a log of what is occurring without taking any action to prevent potential attacks. The logs which you'll find within the exact same section of the CP are very detailed and feature information about the attacker IP, what website and file were attacked and in what way, what rule the firewall used to prevent the intrusion, and so on. This data will permit you to take measures and enhance the protection of your Internet sites even more. To be on the safe side, we employ not only commercial rules, but also custom-made ones that our staff add when they identify attacks which have not yet been included within the commercial pack.