ModSecurity is a plugin for Apache web servers which acts as a web app layer firewall. It is employed to stop attacks toward script-driven sites by using security rules which contain specific expressions. This way, the firewall can block hacking and spamming attempts and protect even sites that are not updated often. For instance, a number of unsuccessful login attempts to a script administrative area or attempts to execute a specific file with the purpose to get access to the script will trigger certain rules, so ModSecurity will block out these activities the instant it discovers them. The firewall is incredibly efficient as it monitors the entire HTTP traffic to a website in real time without slowing it down, so it could prevent an attack before any damage is done. It additionally keeps a very comprehensive log of all attack attempts that includes more information than typical Apache logs, so you can later examine the data and take further measures to boost the security of your websites if necessary.

ModSecurity in Cloud Web Hosting

We offer ModSecurity with all cloud web hosting solutions, so your Internet apps will be resistant to harmful attacks. The firewall is activated by default for all domains and subdomains, but in case you'd like, you will be able to stop it using the respective section of your Hepsia CP. You can also activate a detection mode, so ModSecurity will keep a log as intended, but won't take any action. The logs which you shall find within Hepsia are extremely detailed and offer information about the nature of any attack, when it took place and from what IP address, the firewall rule which was triggered, and so on. We employ a group of commercial rules that are regularly updated, but sometimes our admins include custom rules as well so as to better protect the websites hosted on our servers.

ModSecurity in Semi-dedicated Servers

All semi-dedicated server solutions which we offer include ModSecurity and since the firewall is enabled by default, any Internet site that you build under a domain or a subdomain shall be protected right from the start. A separate section in the Hepsia CP that comes with the semi-dedicated accounts is dedicated to ModSecurity and it'll allow you to start and stop the firewall for any site or enable a detection mode. With the latter, ModSecurity won't take any action, but it will still detect possible attacks and will keep all info in a log as if it were fully active. The logs can be found in the very same section of the Control Panel and they include information regarding the IP where an attack came from, what its nature was, what rule ModSecurity applies to identify and stop it, etcetera. The security rules we use on our servers are a mix between commercial ones from a security business and custom ones made by our system administrators. For that reason, we provide increased security for your web programs as we can defend them from attacks even before security firms release updates for completely new threats.

ModSecurity in VPS Servers

ModSecurity comes with all Hepsia-based VPS servers which we offer and it shall be turned on automatically for every new domain or subdomain that you include on the machine. This way, any web app you install will be protected immediately without doing anything by hand on your end. The firewall could be handled from the section of the Control Panel that bears the same name. This is the place in whichyou can turn off ModSecurity or let its passive mode, so it won't take any action against threats, but shall still keep a thorough log. The recorded information is available in the same section as well and you will be able to see what IPs any attacks came from so that you block them, what the nature of the attempted attacks was and based on what security rules ModSecurity responded. The rules that we employ on our servers are a mixture between commercial ones that we get from a security firm and custom ones that are included by our staff to maximize the security of any web apps hosted on our end.

ModSecurity in Dedicated Servers

ModSecurity is offered by default with all dedicated servers which are set up with the Hepsia Control Panel and is set to “Active” automatically for any domain you host or subdomain which you create on the web server. In the event that a web app does not work adequately, you could either switch off the firewall or set it to operate in passive mode. The latter means that ModSecurity shall maintain a log of any possible attack that might happen, but won't take any action to prevent it. The logs produced in passive or active mode will offer you more details about the exact file that was attacked, the form of the attack and the IP address it came from, and so forth. This information will allow you to choose what actions you can take to increase the safety of your Internet sites, including blocking IPs or performing script and plugin updates. The ModSecurity rules which we employ are updated regularly with a commercial bundle from a third-party security company we work with, but sometimes our admins add their own rules as well if they come across a new potential threat.