ModSecurity is a plugin for Apache web servers which functions as a web app layer firewall. It's used to stop attacks towards script-driven Internet sites by employing security rules that contain particular expressions. This way, the firewall can stop hacking and spamming attempts and protect even sites which aren't updated regularly. For instance, multiple failed login attempts to a script administrative area or attempts to execute a specific file with the objective to get access to the script will trigger particular rules, so ModSecurity will stop these activities the moment it identifies them. The firewall is incredibly efficient since it tracks the whole HTTP traffic to a site in real time without slowing it down, so it can easily prevent an attack before any harm is done. It furthermore keeps a very thorough log of all attack attempts that contains more information than traditional Apache logs, so you can later analyze the data and take further measures to increase the security of your websites if needed.
ModSecurity in Shared Website Hosting
ModSecurity is supplied with all shared website hosting servers, so if you opt to host your sites with our organization, they shall be shielded from a wide array of attacks. The firewall is turned on as standard for all domains and subdomains, so there will be nothing you shall have to do on your end. You will be able to stop ModSecurity for any website if needed, or to enable a detection mode, so that all activity will be recorded, but the firewall won't take any real action. You'll be able to view specific logs through your Hepsia Control Panel including the IP where the attack came from, what the attacker planned to do and how ModSecurity handled the threat. Since we take the protection of our customers' sites seriously, we use a group of commercial rules that we take from one of the best firms that maintain this sort of rules. Our administrators also include custom rules to ensure that your Internet sites shall be resistant to as many risks as possible.
ModSecurity in Semi-dedicated Hosting
All semi-dedicated hosting solutions that we offer feature ModSecurity and since the firewall is switched on by default, any site that you create under a domain or a subdomain will be secured right away. An individual section in the Hepsia Control Panel that comes with the semi-dedicated accounts is dedicated to ModSecurity and it will enable you to stop and start the firewall for any site or activate a detection mode. With the last option, ModSecurity won't take any action, but it'll still detect possible attacks and shall keep all information in a log as if it were completely active. The logs can be found inside the exact same section of the CP and they feature information about the IP where an attack originated from, what its nature was, what rule ModSecurity applies to recognize and stop it, etcetera. The security rules which we employ on our servers are a mix between commercial ones from a security company and custom ones created by our system admins. Consequently, we offer greater security for your web applications as we can defend them from attacks before security businesses release updates for completely new threats.
ModSecurity in VPS Hosting
ModSecurity is pre-installed on all virtual private servers which are provided with the Hepsia hosting CP, so your web applications shall be secured from the moment your server is in a position. The firewall is activated by default for any domain or subdomain on the VPS, but if required, you'll be able to disable it with a click via the corresponding section of Hepsia. You may also set it to function in detection mode, so it shall maintain a comprehensive log of any potential attacks without taking any action to stop them. The logs are available in the exact same section and provide information about the nature of the attack, what IP it originated from and what ModSecurity rule was triggered to stop it. For maximum security, we employ not just commercial rules from a company operating in the field of web security, but also custom ones which our administrators add personally so as to respond to new threats which are still not dealt with in the commercial rules.
ModSecurity in Dedicated Web Hosting
If you decide to host your sites on a dedicated server with the Hepsia CP, your web programs will be protected immediately because ModSecurity is provided with all Hepsia-based packages. You will be able to regulate the firewall without difficulty and if needed, you will be able to turn it off or switch on its passive mode when it shall only maintain a log of what's going on without taking any action to prevent possible attacks. The logs which you can find inside the same section of the CP are incredibly detailed and feature information about the attacker IP, what website and file were attacked and in what way, what rule the firewall used to prevent the intrusion, etc. This information shall allow you to take measures and increase the protection of your Internet sites even more. To be on the safe side, we employ not only commercial rules, but also custom-made ones that our admins include every time they detect attacks which have not yet been included within the commercial pack.