ModSecurity is a plugin for Apache web servers that functions as a web app layer firewall. It's used to stop attacks against script-driven Internet sites by using security rules that contain specific expressions. In this way, the firewall can block hacking and spamming attempts and shield even websites that are not updated regularly. As an example, several failed login attempts to a script admin area or attempts to execute a particular file with the intention to get access to the script will trigger specific rules, so ModSecurity shall block these activities the moment it identifies them. The firewall is very efficient because it screens the whole HTTP traffic to a site in real time without slowing it down, so it can easily stop an attack before any harm is done. It additionally maintains an incredibly comprehensive log of all attack attempts which contains more information than standard Apache logs, so you can later analyze the data and take further measures to increase the security of your websites if needed.

ModSecurity in Hosting

ModSecurity comes by default with all hosting plans which we provide and it shall be activated automatically for any domain or subdomain which you add/create inside your Hepsia hosting Control Panel. The firewall has 3 different modes, so you could activate and disable it with only a mouse click or set it to detection mode, so it'll keep a log of all attacks, but it will not do anything to stop them. The log for each of your Internet sites shall feature comprehensive information which includes the nature of the attack, where it came from, what action was taken by ModSecurity, and so on. The firewall rules that we use are constantly updated and consist of both commercial ones that we get from a third-party security business and custom ones that our system admins add in the event that they detect a new sort of attacks. In this way, the sites which you host here shall be much more protected without any action expected on your end.

ModSecurity in Semi-dedicated Servers

We have incorporated ModSecurity by default within all semi-dedicated server plans, so your web apps will be protected as soon as you install them under any domain or subdomain. The Hepsia CP which is included with the semi-dedicated accounts shall permit you to switch on or turn off the firewall for any website with a mouse click. You will also have the ability to turn on a passive detection mode in which ModSecurity shall keep a log of possible attacks without really preventing them. The detailed logs contain the nature of the attack and what ModSecurity response this attack initiated, where it originated from, etc. The list of rules we employ is frequently updated in order to match any new risks that might appear on the Internet and it features both commercial rules that we get from a security corporation and custom-written ones that our administrators add if they discover a threat that is not present in the commercial list yet.

ModSecurity in VPS Servers

ModSecurity is provided with all Hepsia-based VPS servers which we offer and it will be activated automatically for every new domain or subdomain that you add on the server. That way, any web application you install will be secured immediately without doing anything manually on your end. The firewall could be managed through the section of the Control Panel that has the same name. This is the place whereyou can switch off ModSecurity or activate its passive mode, so it will not take any action against threats, but will still keep a detailed log. The recorded data is available inside the same area as well and you will be able to see what IPs any attacks originated from so that you stop them, what the nature of the attempted attacks was and based on what security rules ModSecurity reacted. The rules which we employ on our servers are a mixture between commercial ones we get from a security firm and custom ones which are included by our staff to enhance the protection of any web applications hosted on our end.

ModSecurity in Dedicated Servers

ModSecurity is provided with all dedicated servers that are set up with our Hepsia CP and you won't need to do anything specific on your end to employ it since it is switched on by default every time you include a new domain or subdomain on your web server. If it disrupts any of your programs, you'll be able to stop it via the respective part of Hepsia, or you could leave it operating in passive mode, so it shall detect attacks and will still maintain a log for them, but shall not prevent them. You'll be able to examine the logs later to learn what you can do to enhance the security of your sites as you shall find information such as where an intrusion attempt originated from, what website was attacked and based on what rule ModSecurity reacted, etc. The rules which we employ are commercial, hence they are regularly updated by a security provider, but to be on the safe side, our admins also add custom rules from time to time as to respond to any new threats they have found.