ModSecurity is a plugin for Apache web servers that acts as a web application layer firewall. It is employed to stop attacks toward script-driven sites through the use of security rules which contain specific expressions. That way, the firewall can prevent hacking and spamming attempts and shield even sites that are not updated often. For instance, multiple unsuccessful login attempts to a script admin area or attempts to execute a specific file with the objective to get access to the script shall trigger particular rules, so ModSecurity will block these activities the minute it detects them. The firewall is incredibly efficient as it screens the entire HTTP traffic to an Internet site in real time without slowing it down, so it can easily prevent an attack before any damage is done. It furthermore maintains an exceptionally thorough log of all attack attempts that includes more information than typical Apache logs, so you could later examine the data and take additional measures to increase the security of your Internet sites if needed.

ModSecurity in Website Hosting

ModSecurity comes by default with all website hosting solutions which we provide and it will be turned on automatically for any domain or subdomain that you add/create inside your Hepsia hosting Control Panel. The firewall has three different modes, so you can activate and deactivate it with only a mouse click or set it to detection mode, so it shall keep a log of all attacks, but it'll not do anything to prevent them. The log for each of your sites shall feature elaborate information which includes the nature of the attack, where it came from, what action was taken by ModSecurity, etc. The firewall rules which we use are regularly updated and include both commercial ones which we get from a third-party security firm and custom ones that our system administrators add in case that they detect a new sort of attacks. That way, the sites that you host here will be far more secure without any action needed on your end.

ModSecurity in Semi-dedicated Hosting

We have incorporated ModSecurity as a standard inside all semi-dedicated hosting products, so your web applications shall be protected as soon as you install them under any domain or subdomain. The Hepsia Control Panel which comes with the semi-dedicated accounts shall allow you to switch on or disable the firewall for any site with a mouse click. You will also have the ability to switch on a passive detection mode with which ModSecurity shall maintain a log of possible attacks without really preventing them. The detailed logs contain the nature of the attack and what ModSecurity response this attack initiated, where it came from, and so on. The list of rules which we use is frequently updated in order to match any new risks that might appear on the Internet and it consists of both commercial rules that we get from a security company and custom-written ones which our administrators add in case they discover a threat that is not present within the commercial list yet.

ModSecurity in VPS

Security is vital to us, so we set up ModSecurity on all virtual private servers which are provided with the Hepsia CP as a standard. The firewall could be managed via a dedicated section within Hepsia and is activated automatically when you include a new domain or generate a subdomain, so you won't need to do anything personally. You shall also be able to deactivate it or turn on the so-called detection mode, so it shall maintain a log of possible attacks that you can later examine, but shall not block them. The logs in both passive and active modes contain info about the type of the attack and how it was stopped, what IP it came from and other important information which may help you to tighten the security of your Internet sites by updating them or blocking IPs, as an example. In addition to the commercial rules which we get for ModSecurity from a third-party security firm, we also implement our own rules as occasionally we identify specific attacks that are not yet present inside the commercial package. That way, we can increase the protection of your VPS instantly as opposed to waiting for a certified update.

ModSecurity in Dedicated Hosting

ModSecurity is offered as standard with all dedicated servers which are set up with the Hepsia CP and is set to “Active” automatically for any domain you host or subdomain you create on the hosting server. In case that a web app does not work properly, you could either disable the firewall or set it to operate in passive mode. The second means that ModSecurity will maintain a log of any possible attack which may take place, but shall not take any action to stop it. The logs generated in passive or active mode shall present you with additional details about the exact file which was attacked, the nature of the attack and the IP address it came from, and so on. This information will enable you to choose what steps you can take to boost the security of your websites, such as blocking IPs or carrying out script and plugin updates. The ModSecurity rules we employ are updated frequently with a commercial pack from a third-party security enterprise we work with, but from time to time our staff include their own rules as well in case they find a new potential threat.