ModSecurity is a plugin for Apache web servers which functions as a web app layer firewall. It's employed to stop attacks toward script-driven sites by using security rules that contain certain expressions. That way, the firewall can prevent hacking and spamming attempts and preserve even websites which aren't updated often. As an example, a number of unsuccessful login attempts to a script administrator area or attempts to execute a specific file with the objective to get access to the script shall trigger specific rules, so ModSecurity shall stop these activities the instant it detects them. The firewall is extremely efficient since it monitors the whole HTTP traffic to a website in real time without slowing it down, so it could prevent an attack before any harm is done. It furthermore maintains a very thorough log of all attack attempts which features more info than typical Apache logs, so you can later check out the data and take additional measures to improve the security of your sites if necessary.

ModSecurity in Shared Website Hosting

ModSecurity comes standard with all shared website hosting plans which we offer and it'll be turned on automatically for any domain or subdomain that you add/create within your Hepsia hosting CP. The firewall has 3 different modes, so you'll be able to switch on and deactivate it with only a click or set it to detection mode, so it'll maintain a log of all attacks, but it will not do anything to prevent them. The log for each of your Internet sites will include comprehensive information such as the nature of the attack, where it came from, what action was taken by ModSecurity, and so forth. The firewall rules which we use are regularly updated and consist of both commercial ones we get from a third-party security business and custom ones that our system admins include in the event that they detect a new type of attacks. This way, the Internet sites which you host here shall be far more secure without any action required on your end.

ModSecurity in Semi-dedicated Servers

Any web application which you set up within your new semi-dedicated server account will be protected by ModSecurity since the firewall is included with all our hosting packages and is turned on by default for any domain and subdomain that you include or create through your Hepsia hosting CP. You'll be able to manage ModSecurity via a dedicated area inside Hepsia where not simply could you activate or deactivate it entirely, but you may also switch on a passive mode, so the firewall shall not stop anything, but it'll still keep a record of possible attacks. This requires only a click and you'll be able to look at the logs regardless of if ModSecurity is in passive or active mode through the same section - what the attack was and where it originated from, how it was addressed, etc. The firewall employs 2 groups of rules on our servers - a commercial one which we get from a third-party web security firm and a custom one which our administrators update manually as to respond to recently discovered risks as fast as possible.

ModSecurity in VPS Servers

Security is essential to us, so we install ModSecurity on all VPS servers which are made available with the Hepsia Control Panel by default. The firewall can be managed through a dedicated section inside Hepsia and is activated automatically when you add a new domain or generate a subdomain, so you'll not need to do anything personally. You will also be able to deactivate it or activate the so-called detection mode, so it will keep a log of possible attacks you can later examine, but won't prevent them. The logs in both passive and active modes contain details about the form of the attack and how it was eliminated, what IP it came from and other important information that might help you to tighten the security of your websites by updating them or blocking IPs, for example. Besides the commercial rules which we get for ModSecurity from a third-party security company, we also employ our own rules as occasionally we find specific attacks that aren't yet present in the commercial package. This way, we can boost the security of your Virtual private server immediately instead of waiting for an official update.

ModSecurity in Dedicated Servers

ModSecurity is offered as standard with all dedicated servers which are set up with the Hepsia Control Panel and is set to “Active” automatically for any domain you host or subdomain you create on the hosting server. Just in case that a web app doesn't operate properly, you may either turn off the firewall or set it to function in passive mode. The second means that ModSecurity shall maintain a log of any potential attack that may take place, but will not take any action to stop it. The logs produced in active or passive mode will provide you with additional details about the exact file that was attacked, the type of the attack and the IP address it originated from, and so on. This information will enable you to determine what steps you can take to increase the protection of your sites, for instance blocking IPs or carrying out script and plugin updates. The ModSecurity rules which we employ are updated regularly with a commercial bundle from a third-party security enterprise we work with, but oftentimes our administrators include their own rules too if they discover a new potential threat.