ModSecurity is a plugin for Apache web servers that functions as a web application layer firewall. It's used to prevent attacks towards script-driven websites by employing security rules that contain particular expressions. In this way, the firewall can block hacking and spamming attempts and shield even sites which aren't updated regularly. For instance, several failed login attempts to a script administrative area or attempts to execute a specific file with the objective to get access to the script shall trigger certain rules, so ModSecurity shall block these activities the instant it detects them. The firewall is extremely efficient as it screens the entire HTTP traffic to an Internet site in real time without slowing it down, so it will be able to prevent an attack before any damage is done. It also keeps a very thorough log of all attack attempts which contains more info than typical Apache logs, so you could later examine the data and take further measures to boost the security of your websites if needed.

ModSecurity in Shared Hosting

ModSecurity is provided with all shared hosting web servers, so if you opt to host your sites with our organization, they will be shielded from an array of attacks. The firewall is enabled by default for all domains and subdomains, so there'll be nothing you will have to do on your end. You shall be able to stop ModSecurity for any website if required, or to activate a detection mode, so that all activity will be recorded, but the firewall shall not take any real action. You shall be able to view specific logs using your Hepsia CP including the IP address where the attack came from, what the attacker planned to do and how ModSecurity dealt with the threat. Since we take the safety of our customers' sites very seriously, we employ a set of commercial rules which we take from one of the best companies that maintain this kind of rules. Our admins also add custom rules to make sure that your Internet sites shall be shielded from as many risks as possible.

ModSecurity in Semi-dedicated Servers

All semi-dedicated server plans that we offer feature ModSecurity and given that the firewall is turned on by default, any Internet site which you create under a domain or a subdomain shall be secured right away. A separate section in the Hepsia Control Panel that comes with the semi-dedicated accounts is devoted to ModSecurity and it will permit you to stop and start the firewall for any website or enable a detection mode. With the last option, ModSecurity will not take any action, but it'll still recognize possible attacks and shall keep all info within a log as if it were completely active. The logs can be found inside the same section of the CP and they feature info about the IP where an attack came from, what its nature was, what rule ModSecurity applies to identify and stop it, etcetera. The security rules we use on our servers are a mix between commercial ones from a security business and custom ones made by our system admins. Consequently, we offer higher security for your web applications as we can protect them from attacks even before security businesses release updates for new threats.

ModSecurity in VPS Servers

All VPS servers which are offered with the Hepsia CP feature ModSecurity. The firewall is set up and activated by default for all domains that are hosted on the server, so there will not be anything special that you'll have to do to protect your websites. It will take you simply a mouse click to stop ModSecurity if needed or to turn on its passive mode so that it records what happens without taking any actions to stop intrusions. You shall be able to look at the logs created in active or passive mode through the corresponding section of Hepsia and discover more about the type of the attack, where it originated from, what rule the firewall used to handle it, and so on. We employ a combination of commercial and custom rules so as to make sure that ModSecurity will stop as many threats as possible, hence enhancing the protection of your web programs as much as possible.

ModSecurity in Dedicated Servers

When you choose to host your Internet sites on a dedicated server with the Hepsia Control Panel, your web programs shall be secured right away because ModSecurity is provided with all Hepsia-based solutions. You'll be able to manage the firewall easily and if required, you shall be able to turn it off or activate its passive mode when it shall only keep a log of what is occurring without taking any action to prevent potential attacks. The logs which you'll find within the very same section of the Control Panel are extremely detailed and include details about the attacker IP address, what site and file were attacked and in what way, what rule the firewall used to stop the intrusion, and so on. This info shall enable you to take measures and improve the protection of your sites even more. To be on the safe side, we use not just commercial rules, but also custom-made ones that our staff add whenever they detect attacks that haven't yet been included inside the commercial pack.