ModSecurity is a plugin for Apache web servers which functions as a web application layer firewall. It's used to prevent attacks towards script-driven Internet sites through the use of security rules which contain particular expressions. That way, the firewall can stop hacking and spamming attempts and shield even Internet sites which aren't updated regularly. For example, a number of failed login attempts to a script administrative area or attempts to execute a specific file with the objective to get access to the script shall trigger certain rules, so ModSecurity shall block these activities the instant it discovers them. The firewall is extremely efficient since it monitors the whole HTTP traffic to an Internet site in real time without slowing it down, so it will be able to stop an attack before any harm is done. It furthermore keeps a very thorough log of all attack attempts which contains more info than standard Apache logs, so you could later analyze the data and take extra measures to increase the security of your sites if needed.

ModSecurity in Cloud Website Hosting

We offer ModSecurity with all cloud website hosting solutions, so your web apps shall be resistant to harmful attacks. The firewall is switched on by default for all domains and subdomains, but in case you'd like, you shall be able to stop it using the respective section of your Hepsia Control Panel. You could also switch on a detection mode, so ModSecurity will keep a log as intended, but will not take any action. The logs that you'll find inside Hepsia are quite detailed and feature data about the nature of any attack, when it transpired and from what IP, the firewall rule that was triggered, etcetera. We use a group of commercial rules that are regularly updated, but sometimes our administrators include custom rules as well in order to efficiently protect the sites hosted on our servers.

ModSecurity in Semi-dedicated Servers

Any web program that you install inside your new semi-dedicated server account will be protected by ModSecurity as the firewall is provided with all our hosting solutions and is activated by default for any domain and subdomain that you add or create using your Hepsia hosting Control Panel. You'll be able to manage ModSecurity through a dedicated area inside Hepsia where not simply can you activate or deactivate it entirely, but you could also activate a passive mode, so the firewall won't stop anything, but it will still maintain a record of potential attacks. This requires simply a click and you'll be able to look at the logs regardless if ModSecurity is in passive or active mode through the same section - what the attack was and where it came from, how it was addressed, etcetera. The firewall uses two groups of rules on our web servers - a commercial one that we get from a third-party web security provider and a custom one that our admins update manually in order to respond to recently discovered threats as fast as possible.

ModSecurity in VPS Servers

All VPS servers which are provided with the Hepsia Control Panel feature ModSecurity. The firewall is set up and turned on by default for all domains that are hosted on the web server, so there will not be anything special which you shall have to do to protect your Internet sites. It will take you only a mouse click to stop ModSecurity if required or to activate its passive mode so that it records what happens without taking any steps to stop intrusions. You will be able to view the logs created in passive or active mode via the corresponding section of Hepsia and learn more about the type of the attack, where it came from, what rule the firewall employed to handle it, etc. We use a mixture of commercial and custom rules so as to make sure that ModSecurity shall stop as many threats as possible, consequently enhancing the security of your web apps as much as possible.

ModSecurity in Dedicated Servers

ModSecurity is included with all dedicated servers which are set up with our Hepsia Control Panel and you'll not have to do anything specific on your end to employ it since it's switched on by default every time you include a new domain or subdomain on your server. In case it interferes with any of your apps, you shall be able to stop it through the respective part of Hepsia, or you could leave it operating in passive mode, so it will detect attacks and shall still maintain a log for them, but shall not prevent them. You may look at the logs later to learn what you can do to increase the safety of your Internet sites since you shall find information such as where an intrusion attempt originated from, what website was attacked and in accordance with what rule ModSecurity reacted, and so on. The rules which we use are commercial, hence they are frequently updated by a security company, but to be on the safe side, our staff also add custom rules once in a while in order to react to any new threats they have found.