ModSecurity is a plugin for Apache web servers which acts as a web application layer firewall. It is used to prevent attacks towards script-driven websites by employing security rules that contain specific expressions. That way, the firewall can stop hacking and spamming attempts and shield even Internet sites that are not updated on a regular basis. For example, multiple failed login attempts to a script administrative area or attempts to execute a particular file with the objective to get access to the script shall trigger specific rules, so ModSecurity shall block out these activities the instant it discovers them. The firewall is quite efficient as it tracks the whole HTTP traffic to a site in real time without slowing it down, so it can stop an attack before any damage is done. It furthermore keeps an exceptionally detailed log of all attack attempts which contains more information than traditional Apache logs, so you could later analyze the data and take additional measures to enhance the security of your websites if required.

ModSecurity in Cloud Hosting

ModSecurity is available with every cloud hosting package that we offer and it's turned on by default for any domain or subdomain which you include through your Hepsia Control Panel. In the event that it interferes with any of your programs or you would like to disable it for whatever reason, you'll be able to accomplish that through the ModSecurity section of Hepsia with only a mouse click. You could also use a passive mode, so the firewall will discover possible attacks and keep a log, but won't take any action. You can view comprehensive logs in the same section, including the IP address where the attack originated from, what exactly the attacker aimed to do and at what time, what ModSecurity did, etcetera. For optimum protection of our clients we use a set of commercial firewall rules mixed with custom ones that are included by our system admins.

ModSecurity in Semi-dedicated Servers

Any web program that you set up within your new semi-dedicated server account shall be protected by ModSecurity as the firewall is included with all our hosting solutions and is switched on by default for any domain and subdomain which you add or create through your Hepsia hosting Control Panel. You will be able to manage ModSecurity through a dedicated area in Hepsia where not only can you activate or deactivate it completely, but you can also activate a passive mode, so the firewall will not block anything, but it will still maintain an archive of potential attacks. This requires only a click and you'll be able to look at the logs regardless of if ModSecurity is in passive or active mode through the same section - what the attack was and where it came from, how it was taken care of, etcetera. The firewall employs 2 groups of rules on our machines - a commercial one which we get from a third-party web security provider and a custom one which our admins update personally in order to respond to newly discovered risks as fast as possible.

ModSecurity in VPS Servers

All VPS servers which are offered with the Hepsia CP come with ModSecurity. The firewall is installed and turned on by default for all domains which are hosted on the machine, so there shall not be anything special that you shall have to do to protect your sites. It shall take you just a mouse click to stop ModSecurity if necessary or to activate its passive mode so that it records what occurs without taking any steps to prevent intrusions. You'll be able to view the logs produced in passive or active mode through the corresponding section of Hepsia and learn more about the type of the attack, where it originated from, what rule the firewall employed to take care of it, etcetera. We employ a combination of commercial and custom rules so as to make sure that ModSecurity shall block as many risks as possible, therefore enhancing the security of your web programs as much as possible.

ModSecurity in Dedicated Servers

All of our dedicated servers that are set up with the Hepsia hosting Control Panel come with ModSecurity, so any app that you upload or set up will be secured from the very beginning and you'll not have to bother about common attacks or vulnerabilities. An independent section within Hepsia will permit you to start or stop the firewall for every domain or subdomain, or activate a detection mode so that it records information about intrusions, but does not take actions to stop them. What you shall find in the logs shall allow you to to secure your websites better - the IP an attack originated from, what website was attacked and exactly how, what ModSecurity rule was triggered, and so forth. With this data, you could see if a website needs an update, whether you should block IPs from accessing your hosting server, and so on. Aside from the third-party commercial security rules for ModSecurity that we use, our admins include custom ones as well every time they come across a new threat that's not yet included in the commercial bundle.