ModSecurity is a plugin for Apache web servers that acts as a web app layer firewall. It is used to prevent attacks towards script-driven sites through the use of security rules that contain particular expressions. This way, the firewall can block hacking and spamming attempts and protect even sites which aren't updated on a regular basis. As an example, several unsuccessful login attempts to a script administrative area or attempts to execute a certain file with the intention to get access to the script will trigger specific rules, so ModSecurity will block out these activities the instant it discovers them. The firewall is extremely efficient since it screens the whole HTTP traffic to a website in real time without slowing it down, so it can easily stop an attack before any damage is done. It furthermore keeps an exceptionally comprehensive log of all attack attempts which features more info than conventional Apache logs, so you could later check out the data and take additional measures to improve the security of your websites if needed.

ModSecurity in Cloud Hosting

ModSecurity comes standard with all cloud hosting plans which we supply and it will be switched on automatically for any domain or subdomain that you add/create within your Hepsia hosting CP. The firewall has 3 different modes, so you could switch on and deactivate it with a mouse click or set it to detection mode, so it shall keep a log of all attacks, but it shall not do anything to stop them. The log for each of your Internet sites shall feature elaborate info which includes the nature of the attack, where it came from, what action was taken by ModSecurity, and so on. The firewall rules that we use are regularly updated and comprise of both commercial ones which we get from a third-party security company and custom ones which our system admins include in case that they detect a new type of attacks. That way, the sites which you host here will be far more secure without any action expected on your end.

ModSecurity in Semi-dedicated Servers

All semi-dedicated server plans which we offer include ModSecurity and since the firewall is switched on by default, any website which you build under a domain or a subdomain will be protected straight away. An individual section within the Hepsia Control Panel that comes with the semi-dedicated accounts is devoted to ModSecurity and it will permit you to stop and start the firewall for any site or activate a detection mode. With the last mentioned, ModSecurity will not take any action, but it shall still identify possible attacks and will keep all info in a log as if it were completely active. The logs could be found in the very same section of the Control Panel and they offer information regarding the IP where an attack originated from, what its nature was, what rule ModSecurity applies to identify and stop it, etcetera. The security rules we use on our machines are a mix of commercial ones from a security business and custom ones made by our system administrators. As a result, we offer higher security for your web applications as we can protect them from attacks before security companies release updates for brand new threats.

ModSecurity in VPS Servers

ModSecurity is pre-installed on all VPS servers which are offered with the Hepsia hosting Control Panel, so your web apps shall be secured from the second your server is in a position. The firewall is activated by default for any domain or subdomain on the Virtual Private Server, but if required, you could disable it with a mouse click via the corresponding section of Hepsia. You could also set it to operate in detection mode, so it'll keep an extensive log of any possible attacks without taking any action to prevent them. The logs are available within the same section and provide info about the nature of the attack, what IP it came from and what ModSecurity rule was activated to stop it. For maximum security, we employ not only commercial rules from a business operating in the field of web security, but also custom ones our administrators add personally in order to react to new risks which are still not tackled in the commercial rules.

ModSecurity in Dedicated Servers

ModSecurity is provided by default with all dedicated servers which are set up with the Hepsia CP and is set to “Active” automatically for any domain you host or subdomain which you create on the server. Just in case that a web app does not work correctly, you could either switch off the firewall or set it to work in passive mode. The second means that ModSecurity will keep a log of any possible attack which could occur, but will not take any action to stop it. The logs produced in active or passive mode will offer you additional details about the exact file that was attacked, the type of the attack and the IP address it came from, and so forth. This data shall permit you to decide what measures you can take to improve the safety of your sites, such as blocking IPs or performing script and plugin updates. The ModSecurity rules which we employ are updated regularly with a commercial bundle from a third-party security company we work with, but oftentimes our admins add their own rules too in case they come across a new potential threat.