ModSecurity is a plugin for Apache web servers which acts as a web app layer firewall. It's employed to prevent attacks against script-driven Internet sites by employing security rules which contain particular expressions. This way, the firewall can block hacking and spamming attempts and protect even Internet sites that aren't updated on a regular basis. For example, multiple unsuccessful login attempts to a script admin area or attempts to execute a certain file with the intention to get access to the script will trigger certain rules, so ModSecurity shall block out these activities the instant it discovers them. The firewall is very efficient as it monitors the entire HTTP traffic to an Internet site in real time without slowing it down, so it will be able to stop an attack before any damage is done. It additionally maintains an incredibly detailed log of all attack attempts that includes more info than traditional Apache logs, so you can later examine the data and take additional measures to improve the security of your Internet sites if required.

ModSecurity in Cloud Website Hosting

ModSecurity comes standard with all cloud website hosting plans which we supply and it'll be switched on automatically for any domain or subdomain that you add/create in your Hepsia hosting Control Panel. The firewall has 3 different modes, so you'll be able to activate and disable it with only a click or set it to detection mode, so it will keep a log of all attacks, but it'll not do anything to prevent them. The log for any of your Internet sites shall contain comprehensive information including the nature of the attack, where it originated from, what action was taken by ModSecurity, etcetera. The firewall rules which we use are constantly updated and consist of both commercial ones that we get from a third-party security firm and custom ones which our system admins include in case that they detect a new kind of attacks. That way, the sites that you host here shall be far more protected with no action expected on your end.

ModSecurity in Semi-dedicated Servers

All semi-dedicated server solutions which we offer feature ModSecurity and since the firewall is switched on by default, any site which you create under a domain or a subdomain shall be protected right away. An independent section in the Hepsia Control Panel which comes with the semi-dedicated accounts is dedicated to ModSecurity and it'll allow you to stop and start the firewall for any website or activate a detection mode. With the last option, ModSecurity will not take any action, but it shall still identify possible attacks and shall keep all data in a log as if it were completely active. The logs can be found in the exact same section of the Control Panel and they feature details about the IP where an attack came from, what its nature was, what rule ModSecurity applies to recognize and stop it, and so forth. The security rules that we use on our machines are a mix between commercial ones from a security firm and custom ones made by our system admins. As a result, we provide higher security for your web programs as we can defend them from attacks before security corporations release updates for completely new threats.

ModSecurity in VPS Servers

All VPS servers which are set up with the Hepsia Control Panel feature ModSecurity. The firewall is installed and turned on by default for all domains which are hosted on the web server, so there will not be anything special which you'll need to do to protect your websites. It shall take you simply a mouse click to stop ModSecurity if needed or to switch on its passive mode so that it records what goes on without taking any steps to stop intrusions. You'll be able to view the logs generated in active or passive mode via the corresponding section of Hepsia and find out more about the type of the attack, where it came from, what rule the firewall used to take care of it, and so on. We employ a mix of commercial and custom rules in order to ensure that ModSecurity will block as many risks as possible, hence increasing the protection of your web applications as much as possible.

ModSecurity in Dedicated Servers

ModSecurity is available as standard with all dedicated servers that are set up with the Hepsia CP and is set to “Active” automatically for any domain which you host or subdomain which you create on the server. In case that a web application doesn't operate properly, you could either disable the firewall or set it to operate in passive mode. The second means that ModSecurity shall keep a log of any possible attack which may happen, but shall not take any action to prevent it. The logs produced in active or passive mode will provide you with additional details about the exact file which was attacked, the nature of the attack and the IP it came from, and so forth. This info shall allow you to choose what measures you can take to enhance the security of your sites, including blocking IPs or carrying out script and plugin updates. The ModSecurity rules which we use are updated regularly with a commercial bundle from a third-party security company we work with, but oftentimes our admins include their own rules too when they discover a new potential threat.