ModSecurity is a plugin for Apache web servers that acts as a web application layer firewall. It is employed to prevent attacks toward script-driven websites by employing security rules which contain certain expressions. In this way, the firewall can stop hacking and spamming attempts and protect even sites which aren't updated frequently. For instance, a number of unsuccessful login attempts to a script admin area or attempts to execute a certain file with the objective to get access to the script shall trigger certain rules, so ModSecurity shall stop these activities the moment it discovers them. The firewall is incredibly efficient as it monitors the entire HTTP traffic to a website in real time without slowing it down, so it will be able to prevent an attack before any damage is done. It furthermore keeps a very comprehensive log of all attack attempts that includes more information than conventional Apache logs, so you can later examine the data and take additional measures to increase the security of your sites if required.

ModSecurity in Cloud Website Hosting

ModSecurity comes standard with all cloud website hosting packages which we offer and it will be switched on automatically for any domain or subdomain which you add/create in your Hepsia hosting CP. The firewall has three different modes, so you could switch on and deactivate it with only a mouse click or set it to detection mode, so it will keep a log of all attacks, but it shall not do anything to stop them. The log for any of your websites will contain comprehensive info which includes the nature of the attack, where it came from, what action was taken by ModSecurity, etcetera. The firewall rules that we use are frequently updated and comprise of both commercial ones we get from a third-party security business and custom ones that our system admins include in case that they detect a new sort of attacks. In this way, the sites which you host here shall be way more protected without any action expected on your end.

ModSecurity in Semi-dedicated Hosting

We've incorporated ModSecurity by default inside all semi-dedicated hosting products, so your web apps shall be protected whenever you set them up under any domain or subdomain. The Hepsia Control Panel which comes with the semi-dedicated accounts shall allow you to enable or turn off the firewall for any website with a mouse click. You'll also be able to turn on a passive detection mode through which ModSecurity will maintain a log of potential attacks without actually stopping them. The detailed logs include the nature of the attack and what ModSecurity response that attack caused, where it came from, and so forth. The list of rules which we employ is frequently updated as to match any new risks which might appear on the Internet and it includes both commercial rules that we get from a security company and custom-written ones that our admins add in case they find a threat which is not present in the commercial list yet.

ModSecurity in VPS Hosting

ModSecurity is pre-installed on all virtual private servers that are provided with the Hepsia hosting CP, so your web apps will be protected from the second your server is ready. The firewall is turned on by default for any domain or subdomain on the VPS, but if required, you'll be able to disable it with a click from the corresponding section of Hepsia. You could also set it to work in detection mode, so it shall keep a detailed log of any possible attacks without taking any action to stop them. The logs are available in the exact same section and offer information regarding the nature of the attack, what IP address it came from and what ModSecurity rule was activated to stop it. For optimum security, we use not simply commercial rules from a firm operating in the field of web security, but also custom ones that our admins add manually so as to react to new threats that are still not addressed in the commercial rules.

ModSecurity in Dedicated Web Hosting

ModSecurity is provided by default with all dedicated servers that are set up with the Hepsia CP and is set to “Active” automatically for any domain that you host or subdomain that you create on the server. In the event that a web application does not function correctly, you may either disable the firewall or set it to function in passive mode. The second means that ModSecurity will maintain a log of any potential attack that could happen, but will not take any action to prevent it. The logs generated in passive or active mode shall give you more details about the exact file that was attacked, the type of the attack and the IP address it came from, etc. This information will permit you to choose what steps you can take to increase the safety of your Internet sites, including blocking IPs or carrying out script and plugin updates. The ModSecurity rules that we use are updated constantly with a commercial pack from a third-party security provider we work with, but occasionally our administrators include their own rules as well in case they discover a new potential threat.