ModSecurity is a plugin for Apache web servers that functions as a web app layer firewall. It's used to prevent attacks towards script-driven Internet sites through the use of security rules that contain specific expressions. That way, the firewall can stop hacking and spamming attempts and preserve even websites which are not updated regularly. As an example, multiple failed login attempts to a script administrative area or attempts to execute a certain file with the objective to get access to the script shall trigger particular rules, so ModSecurity shall stop these activities the moment it discovers them. The firewall is extremely efficient since it tracks the whole HTTP traffic to a website in real time without slowing it down, so it will be able to stop an attack before any damage is done. It furthermore keeps an incredibly comprehensive log of all attack attempts that includes more information than standard Apache logs, so you could later analyze the data and take further measures to enhance the security of your websites if needed.

ModSecurity in Cloud Web Hosting

We offer ModSecurity with all cloud web hosting packages, so your web applications will be shielded from destructive attacks. The firewall is turned on as standard for all domains and subdomains, but in case you'd like, you will be able to stop it through the respective area of your Hepsia CP. You'll be able to also activate a detection mode, so ModSecurity shall keep a log as intended, but shall not take any action. The logs which you'll discover in Hepsia are extremely detailed and include info about the nature of any attack, when it happened and from what IP address, the firewall rule that was triggered, etc. We use a range of commercial rules which are often updated, but sometimes our administrators add custom rules as well so as to efficiently protect the websites hosted on our servers.

ModSecurity in Semi-dedicated Hosting

Any web program which you install within your new semi-dedicated hosting account shall be protected by ModSecurity as the firewall comes with all our hosting plans and is activated by default for any domain and subdomain that you add or create through your Hepsia hosting Control Panel. You'll be able to manage ModSecurity via a dedicated section inside Hepsia where not simply can you activate or deactivate it completely, but you can also activate a passive mode, so the firewall shall not block anything, but it'll still maintain a record of possible attacks. This takes simply a click and you will be able to see the logs regardless of if ModSecurity is in passive or active mode through the same section - what the attack was and where it came from, how it was addressed, and so forth. The firewall uses 2 groups of rules on our machines - a commercial one that we get from a third-party web security company and a custom one that our administrators update personally as to respond to recently discovered risks as quickly as possible.

ModSecurity in VPS

All virtual private servers that are offered with the Hepsia CP include ModSecurity. The firewall is set up and activated by default for all domains which are hosted on the web server, so there will not be anything special that you'll need to do to protect your websites. It shall take you only a mouse click to stop ModSecurity if needed or to turn on its passive mode so that it records what goes on without taking any measures to prevent intrusions. You will be able to look at the logs created in passive or active mode through the corresponding section of Hepsia and learn more about the form of the attack, where it came from, what rule the firewall used to tackle it, etcetera. We use a mix of commercial and custom rules so as to make sure that ModSecurity shall block as many risks as possible, therefore enhancing the security of your web applications as much as possible.

ModSecurity in Dedicated Hosting

ModSecurity is available as standard with all dedicated servers that are set up with the Hepsia Control Panel and is set to “Active” automatically for any domain which you host or subdomain you create on the hosting server. Just in case that a web application does not operate properly, you may either disable the firewall or set it to operate in passive mode. The second means that ModSecurity will keep a log of any possible attack that could occur, but will not take any action to prevent it. The logs produced in active or passive mode shall present you with additional details about the exact file which was attacked, the form of the attack and the IP address it came from, etcetera. This information will allow you to determine what steps you can take to improve the security of your Internet sites, for instance blocking IPs or performing script and plugin updates. The ModSecurity rules that we use are updated regularly with a commercial bundle from a third-party security enterprise we work with, but occasionally our administrators include their own rules too in the event that they find a new potential threat.