ModSecurity is a plugin for Apache web servers which functions as a web application layer firewall. It is employed to stop attacks towards script-driven websites through the use of security rules that contain particular expressions. This way, the firewall can stop hacking and spamming attempts and preserve even websites which aren't updated frequently. For instance, several unsuccessful login attempts to a script administrative area or attempts to execute a particular file with the purpose to get access to the script will trigger particular rules, so ModSecurity will block these activities the instant it discovers them. The firewall is extremely efficient as it screens the entire HTTP traffic to an Internet site in real time without slowing it down, so it can easily prevent an attack before any damage is done. It furthermore keeps an exceptionally thorough log of all attack attempts that contains more information than conventional Apache logs, so you could later analyze the data and take extra measures to increase the security of your websites if needed.

ModSecurity in Cloud Hosting

ModSecurity is supplied with all cloud hosting servers, so if you decide to host your websites with our organization, they will be protected against a wide range of attacks. The firewall is turned on as standard for all domains and subdomains, so there'll be nothing you shall have to do on your end. You'll be able to stop ModSecurity for any Internet site if necessary, or to enable a detection mode, so that all activity shall be recorded, but the firewall won't take any real action. You will be able to view detailed logs through your Hepsia CP including the IP address where the attack came from, what the attacker planned to do and how ModSecurity addressed the threat. Since we take the safety of our clients' sites very seriously, we employ a selection of commercial rules which we take from one of the top firms that maintain this type of rules. Our admins also add custom rules to ensure that your sites shall be shielded from as many risks as possible.

ModSecurity in Semi-dedicated Hosting

We've included ModSecurity as a standard in all semi-dedicated hosting packages, so your web apps will be protected the instant you install them under any domain or subdomain. The Hepsia Control Panel which comes with the semi-dedicated accounts shall permit you to activate or turn off the firewall for any Internet site with a mouse click. You'll also be able to switch on a passive detection mode through which ModSecurity shall maintain a log of potential attacks without actually stopping them. The detailed logs contain the nature of the attack and what ModSecurity response this attack generated, where it originated from, etc. The list of rules that we use is regularly updated as to match any new threats which might appear on the Internet and it includes both commercial rules that we get from a security firm and custom-written ones that our admins include in the event that they discover a threat which is not present in the commercial list yet.

ModSecurity in Dedicated Web Hosting

All of our dedicated servers that are installed with the Hepsia hosting CP feature ModSecurity, so any application you upload or install will be secured from the very beginning and you'll not need to worry about common attacks or vulnerabilities. An individual section inside Hepsia will permit you to start or stop the firewall for every domain or subdomain, or activate a detection mode so that it records info about intrusions, but doesn't take actions to prevent them. What you'll find in the logs can enable you to to secure your websites better - the IP an attack came from, what website was attacked and in what way, what ModSecurity rule was triggered, etc. With this data, you'll be able to see whether an Internet site needs an update, whether you need to block IPs from accessing your web server, etcetera. On top of the third-party commercial security rules for ModSecurity which we use, our admins add custom ones as well when they find a new threat which is not yet in the commercial bundle.