ModSecurity is a plugin for Apache web servers which acts as a web app layer firewall. It's employed to stop attacks toward script-driven websites through the use of security rules that contain particular expressions. This way, the firewall can prevent hacking and spamming attempts and preserve even websites which aren't updated on a regular basis. For instance, several unsuccessful login attempts to a script admin area or attempts to execute a specific file with the objective to get access to the script shall trigger particular rules, so ModSecurity will block these activities the minute it identifies them. The firewall is quite efficient since it monitors the whole HTTP traffic to a website in real time without slowing it down, so it could stop an attack before any damage is done. It furthermore keeps a very detailed log of all attack attempts that includes more information than conventional Apache logs, so you could later analyze the data and take further measures to enhance the security of your Internet sites if needed.

ModSecurity in Shared Web Hosting

ModSecurity comes standard with all shared web hosting plans that we provide and it'll be activated automatically for any domain or subdomain you add/create within your Hepsia hosting CP. The firewall has three different modes, so you could activate and disable it with only a mouse click or set it to detection mode, so it shall keep a log of all attacks, but it shall not do anything to prevent them. The log for each of your websites shall feature comprehensive information including the nature of the attack, where it originated from, what action was taken by ModSecurity, and so on. The firewall rules which we use are frequently updated and consist of both commercial ones which we get from a third-party security business and custom ones which our system admins include in case that they detect a new kind of attacks. That way, the Internet sites you host here will be far more protected without any action expected on your end.

ModSecurity in Semi-dedicated Servers

All semi-dedicated server solutions that we offer feature ModSecurity and because the firewall is enabled by default, any Internet site you create under a domain or a subdomain shall be secured straight away. An independent section in the Hepsia CP that comes with the semi-dedicated accounts is dedicated to ModSecurity and it'll permit you to start and stop the firewall for any Internet site or activate a detection mode. With the last option, ModSecurity shall not take any action, but it'll still identify possible attacks and will keep all information within a log as if it were 100% active. The logs could be found within the same section of the CP and they feature info about the IP where an attack came from, what its nature was, what rule ModSecurity applies to recognize and stop it, etc. The security rules that we use on our web servers are a mix of commercial ones from a security firm and custom ones made by our system admins. Therefore, we provide higher security for your web programs as we can protect them from attacks before security corporations release updates for new threats.

ModSecurity in VPS Servers

Protection is essential to us, so we set up ModSecurity on all VPS servers which are made available with the Hepsia Control Panel by default. The firewall could be managed through a dedicated section in Hepsia and is switched on automatically when you include a new domain or generate a subdomain, so you'll not have to do anything personally. You shall also be able to deactivate it or turn on the so-called detection mode, so it shall keep a log of potential attacks you can later examine, but will not stop them. The logs in both passive and active modes offer info regarding the form of the attack and how it was stopped, what IP it came from and other useful data which could help you to tighten the security of your sites by updating them or blocking IPs, for example. In addition to the commercial rules that we get for ModSecurity from a third-party security company, we also employ our own rules as occasionally we discover specific attacks which are not yet present within the commercial package. That way, we could increase the security of your VPS immediately rather than awaiting a certified update.

ModSecurity in Dedicated Servers

ModSecurity comes with all dedicated servers which are set up with our Hepsia Control Panel and you won't need to do anything specific on your end to employ it because it's activated by default each time you include a new domain or subdomain on your web server. In the event that it interferes with any of your applications, you shall be able to stop it via the respective area of Hepsia, or you may leave it working in passive mode, so it shall recognize attacks and will still keep a log for them, but won't stop them. You can examine the logs later to determine what you can do to enhance the protection of your Internet sites as you shall find info such as where an intrusion attempt came from, what site was attacked and based on what rule ModSecurity reacted, and so forth. The rules that we employ are commercial, hence they're constantly updated by a security provider, but to be on the safe side, our admins also add custom rules every now and then as to respond to any new threats they have identified.