ModSecurity is a plugin for Apache web servers that acts as a web app layer firewall. It's used to prevent attacks towards script-driven sites through the use of security rules which contain particular expressions. In this way, the firewall can stop hacking and spamming attempts and protect even Internet sites that are not updated often. As an example, multiple unsuccessful login attempts to a script admin area or attempts to execute a specific file with the objective to get access to the script will trigger particular rules, so ModSecurity will block these activities the second it identifies them. The firewall is extremely efficient because it monitors the whole HTTP traffic to a website in real time without slowing it down, so it will be able to prevent an attack before any harm is done. It also maintains an incredibly detailed log of all attack attempts that contains more information than traditional Apache logs, so you can later check out the data and take extra measures to enhance the security of your websites if needed.

ModSecurity in Hosting

ModSecurity comes standard with all hosting plans that we offer and it'll be activated automatically for any domain or subdomain that you add/create in your Hepsia hosting CP. The firewall has 3 different modes, so you'll be able to activate and deactivate it with just a click or set it to detection mode, so it'll keep a log of all attacks, but it'll not do anything to stop them. The log for any of your Internet sites will include elaborate information including the nature of the attack, where it originated from, what action was taken by ModSecurity, and so on. The firewall rules that we use are constantly updated and comprise of both commercial ones that we get from a third-party security company and custom ones that our system admins add in the event that they detect a new sort of attacks. That way, the websites you host here shall be much more secure without any action needed on your end.

ModSecurity in Semi-dedicated Servers

ModSecurity is part of our semi-dedicated server solutions and if you decide to host your Internet sites with our company, there shall not be anything special you'll need to do given that the firewall is activated by default for all domains and subdomains that you include using your hosting Control Panel. If needed, you'll be able to disable ModSecurity for a certain site or turn on the so-called detection mode in which case the firewall shall still operate and record info, but will not do anything to prevent possible attacks on your Internet sites. In depth logs will be available inside your Control Panel and you'll be able to see what type of attacks occurred, what security rules were triggered and how the firewall handled the threats, what Internet protocol addresses the attacks originated from, etc. We use two sorts of rules on our servers - commercial ones from an organization that operates in the field of web security, and custom ones which our administrators sometimes add to respond to newly identified threats promptly.

ModSecurity in VPS Servers

All VPS servers that are set up with the Hepsia CP feature ModSecurity. The firewall is installed and switched on by default for all domains which are hosted on the web server, so there won't be anything special that you will have to do to protect your websites. It will take you just a click to stop ModSecurity if necessary or to turn on its passive mode so that it records what goes on without taking any measures to stop intrusions. You will be able to see the logs created in passive or active mode through the corresponding section of Hepsia and learn more about the form of the attack, where it came from, what rule the firewall employed to handle it, and so on. We employ a combination of commercial and custom rules so as to make certain that ModSecurity shall block out as many risks as possible, thus enhancing the protection of your web applications as much as possible.

ModSecurity in Dedicated Servers

All of our dedicated servers that are installed with the Hepsia hosting Control Panel feature ModSecurity, so any application that you upload or set up will be properly secured from the very beginning and you'll not have to worry about common attacks or vulnerabilities. A separate section inside Hepsia will allow you to start or stop the firewall for any domain or subdomain, or turn on a detection mode so that it records info about intrusions, but does not take actions to stop them. What you will discover in the logs can easily help you to secure your sites better - the IP address an attack originated from, what website was attacked and how, what ModSecurity rule was triggered, and so on. With this info, you can see if a site needs an update, if you should block IPs from accessing your web server, and so on. In addition to the third-party commercial security rules for ModSecurity we use, our administrators include custom ones as well every time they find a new threat that's not yet a part of the commercial bundle.