ModSecurity is a plugin for Apache web servers which functions as a web app layer firewall. It is employed to prevent attacks towards script-driven Internet sites by using security rules that contain particular expressions. This way, the firewall can prevent hacking and spamming attempts and preserve even Internet sites that are not updated often. As an example, multiple failed login attempts to a script administrative area or attempts to execute a particular file with the objective to get access to the script shall trigger specific rules, so ModSecurity shall block out these activities the instant it discovers them. The firewall is very efficient because it screens the entire HTTP traffic to a website in real time without slowing it down, so it can easily stop an attack before any damage is done. It additionally keeps an exceptionally detailed log of all attack attempts that contains more info than standard Apache logs, so you could later examine the data and take additional measures to increase the security of your sites if needed.

ModSecurity in Shared Web Hosting

We provide ModSecurity with all shared web hosting plans, so your Internet applications shall be shielded from destructive attacks. The firewall is activated by default for all domains and subdomains, but in case you'd like, you'll be able to stop it via the respective section of your Hepsia CP. You can also activate a detection mode, so ModSecurity shall keep a log as intended, but shall not take any action. The logs that you shall discover within Hepsia are quite detailed and feature information about the nature of any attack, when it happened and from what IP address, the firewall rule which was triggered, and so forth. We use a set of commercial rules which are constantly updated, but sometimes our administrators add custom rules as well in order to efficiently protect the sites hosted on our machines.

ModSecurity in Semi-dedicated Hosting

We have incorporated ModSecurity as a standard within all semi-dedicated hosting products, so your web applications shall be protected the instant you set them up under any domain or subdomain. The Hepsia Control Panel which is included with the semi-dedicated accounts shall permit you to activate or disable the firewall for any site with a mouse click. You'll also have the ability to activate a passive detection mode in which ModSecurity shall keep a log of possible attacks without actually preventing them. The detailed logs include the nature of the attack and what ModSecurity response this attack generated, where it came from, and so forth. The list of rules we employ is constantly updated in order to match any new risks which might appear on the Internet and it consists of both commercial rules that we get from a security firm and custom-written ones that our administrators include if they find a threat that's not present inside the commercial list yet.

ModSecurity in VPS Web Hosting

All virtual private servers which are offered with the Hepsia CP come with ModSecurity. The firewall is installed and switched on by default for all domains that are hosted on the server, so there will not be anything special which you'll need to do to protect your Internet sites. It will take you a mouse click to stop ModSecurity if needed or to turn on its passive mode so that it records what happens without taking any measures to prevent intrusions. You will be able to look at the logs created in passive or active mode through the corresponding section of Hepsia and learn more about the type of the attack, where it originated from, what rule the firewall employed to tackle it, etc. We use a mixture of commercial and custom rules so as to ensure that ModSecurity will block out as many risks as possible, consequently boosting the protection of your web apps as much as possible.