ModSecurity is a plugin for Apache web servers which functions as a web app layer firewall. It's used to prevent attacks against script-driven sites by employing security rules which contain particular expressions. This way, the firewall can block hacking and spamming attempts and preserve even Internet sites that aren't updated frequently. For example, several failed login attempts to a script administrative area or attempts to execute a particular file with the intention to get access to the script will trigger particular rules, so ModSecurity will stop these activities the second it identifies them. The firewall is extremely efficient as it screens the whole HTTP traffic to an Internet site in real time without slowing it down, so it can easily prevent an attack before any damage is done. It also maintains an exceptionally thorough log of all attack attempts that includes more info than standard Apache logs, so you could later analyze the data and take further measures to enhance the security of your sites if necessary.

ModSecurity in Web Hosting

We provide ModSecurity with all web hosting packages, so your web apps shall be protected against destructive attacks. The firewall is turned on as standard for all domains and subdomains, but in case you'd like, you shall be able to stop it via the respective area of your Hepsia Control Panel. You can also switch on a detection mode, so ModSecurity shall keep a log as intended, but won't take any action. The logs which you shall discover in Hepsia are extremely detailed and feature information about the nature of any attack, when it took place and from what IP address, the firewall rule which was triggered, etcetera. We use a group of commercial rules that are often updated, but sometimes our admins include custom rules as well so as to efficiently protect the websites hosted on our servers.

ModSecurity in Semi-dedicated Servers

We have integrated ModSecurity by default within all semi-dedicated server products, so your web applications shall be protected the instant you install them under any domain or subdomain. The Hepsia CP which comes with the semi-dedicated accounts will allow you to switch on or disable the firewall for any website with a mouse click. You will also have the ability to switch on a passive detection mode with which ModSecurity shall maintain a log of potential attacks without really stopping them. The thorough logs contain the nature of the attack and what ModSecurity response this attack generated, where it originated from, etcetera. The list of rules that we employ is regularly updated in order to match any new risks which might appear on the Internet and it consists of both commercial rules that we get from a security firm and custom-written ones that our admins add in case they find a threat that's not present inside the commercial list yet.

ModSecurity in VPS Servers

All VPS servers which are offered with the Hepsia CP feature ModSecurity. The firewall is set up and switched on by default for all domains which are hosted on the server, so there will not be anything special that you'll need to do to protect your websites. It will take you simply a click to stop ModSecurity if needed or to turn on its passive mode so that it records what happens without taking any actions to stop intrusions. You'll be able to view the logs produced in passive or active mode via the corresponding section of Hepsia and learn more about the form of the attack, where it came from, what rule the firewall used to take care of it, and so forth. We employ a combination of commercial and custom rules so as to make sure that ModSecurity will block as many risks as possible, hence improving the security of your web programs as much as possible.

ModSecurity in Dedicated Servers

ModSecurity is provided with all dedicated servers that are set up with our Hepsia CP and you'll not have to do anything specific on your end to use it since it is turned on by default every time you add a new domain or subdomain on your hosting server. In case it interferes with any of your apps, you'll be able to stop it via the respective area of Hepsia, or you could leave it working in passive mode, so it shall detect attacks and shall still maintain a log for them, but shall not block them. You'll be able to look at the logs later to determine what you can do to improve the safety of your Internet sites since you shall find information such as where an intrusion attempt originated from, what Internet site was attacked and based on what rule ModSecurity responded, etcetera. The rules which we use are commercial, hence they're constantly updated by a security firm, but to be on the safe side, our admins also include custom rules every now and then in order to deal with any new threats they have identified.