ModSecurity is a plugin for Apache web servers which functions as a web app layer firewall. It is employed to stop attacks towards script-driven Internet sites by employing security rules that contain particular expressions. That way, the firewall can block hacking and spamming attempts and preserve even websites that aren't updated frequently. For example, several failed login attempts to a script administrative area or attempts to execute a particular file with the objective to get access to the script shall trigger particular rules, so ModSecurity will block out these activities the instant it detects them. The firewall is quite efficient since it screens the entire HTTP traffic to an Internet site in real time without slowing it down, so it could prevent an attack before any damage is done. It also maintains a very detailed log of all attack attempts which includes more info than standard Apache logs, so you could later examine the data and take extra measures to boost the security of your Internet sites if required.

ModSecurity in Hosting

We provide ModSecurity with all hosting plans, so your Internet applications will be resistant to malicious attacks. The firewall is switched on as standard for all domains and subdomains, but if you would like, you will be able to stop it via the respective area of your Hepsia Control Panel. You could also switch on a detection mode, so ModSecurity shall keep a log as intended, but will not take any action. The logs which you shall discover inside Hepsia are incredibly detailed and include data about the nature of any attack, when it happened and from what IP, the firewall rule that was triggered, and so on. We employ a set of commercial rules which are frequently updated, but sometimes our admins add custom rules as well so as to efficiently protect the websites hosted on our machines.

ModSecurity in Semi-dedicated Servers

All semi-dedicated server solutions that we offer include ModSecurity and since the firewall is enabled by default, any Internet site you set up under a domain or a subdomain will be secured immediately. An individual section within the Hepsia Control Panel which comes with the semi-dedicated accounts is dedicated to ModSecurity and it'll enable you to stop and start the firewall for any Internet site or enable a detection mode. With the last option, ModSecurity will not take any action, but it'll still identify possible attacks and shall keep all info inside a log as if it were 100% active. The logs could be found in the very same section of the Control Panel and they feature info about the IP where an attack came from, what its nature was, what rule ModSecurity applies to recognize and stop it, and so forth. The security rules that we use on our machines are a mix of commercial ones from a security business and custom ones created by our system administrators. For that reason, we offer increased security for your web programs as we can defend them from attacks even before security businesses release updates for new threats.

ModSecurity in Dedicated Servers

All of our dedicated servers that are installed with the Hepsia hosting Control Panel come with ModSecurity, so any app which you upload or install shall be secured from the very beginning and you'll not have to stress about common attacks or vulnerabilities. An independent section within Hepsia will allow you to start or stop the firewall for each and every domain or subdomain, or activate a detection mode so that it records information regarding intrusions, but doesn't take actions to prevent them. What you'll discover in the logs can enable you to to secure your websites better - the IP an attack originated from, what website was attacked and in what way, what ModSecurity rule was triggered, etc. With this data, you could see whether an Internet site needs an update, if you should block IPs from accessing your hosting server, and so on. Besides the third-party commercial security rules for ModSecurity which we use, our administrators include custom ones as well whenever they discover a new threat that is not yet included in the commercial bundle.