ModSecurity is a plugin for Apache web servers that functions as a web app layer firewall. It's used to prevent attacks toward script-driven Internet sites through the use of security rules that contain particular expressions. This way, the firewall can stop hacking and spamming attempts and shield even Internet sites that aren't updated frequently. For instance, a number of failed login attempts to a script administrator area or attempts to execute a specific file with the objective to get access to the script will trigger particular rules, so ModSecurity shall block out these activities the moment it detects them. The firewall is extremely efficient as it screens the whole HTTP traffic to an Internet site in real time without slowing it down, so it can easily stop an attack before any damage is done. It also keeps a very detailed log of all attack attempts that features more info than standard Apache logs, so you can later analyze the data and take additional measures to boost the security of your Internet sites if needed.

ModSecurity in Cloud Hosting

ModSecurity comes by default with all cloud hosting plans which we offer and it will be turned on automatically for any domain or subdomain you add/create in your Hepsia hosting Control Panel. The firewall has 3 different modes, so you'll be able to activate and disable it with just a click or set it to detection mode, so it'll keep a log of all attacks, but it will not do anything to stop them. The log for each of your Internet sites shall contain comprehensive information including the nature of the attack, where it originated from, what action was taken by ModSecurity, etcetera. The firewall rules which we use are regularly updated and consist of both commercial ones which we get from a third-party security firm and custom ones which our system admins add in the event that they detect a new kind of attacks. That way, the websites that you host here shall be much more protected with no action required on your end.

ModSecurity in Semi-dedicated Hosting

All semi-dedicated hosting solutions that we offer include ModSecurity and since the firewall is switched on by default, any website which you set up under a domain or a subdomain shall be secured right from the start. An independent section in the Hepsia CP which comes with the semi-dedicated accounts is dedicated to ModSecurity and it shall allow you to stop and start the firewall for any site or activate a detection mode. With the latter, ModSecurity shall not take any action, but it will still detect possible attacks and will keep all info inside a log as if it were fully active. The logs could be found in the very same section of the Control Panel and they include details about the IP where an attack originated from, what its nature was, what rule ModSecurity applies to recognize and stop it, and so forth. The security rules which we use on our machines are a mix of commercial ones from a security firm and custom ones developed by our system admins. Consequently, we offer higher security for your web programs as we can shield them from attacks even before security firms release updates for brand new threats.

ModSecurity in VPS

ModSecurity is included with all Hepsia-based virtual private servers which we offer and it shall be switched on automatically for every new domain or subdomain you include on the hosting server. This way, any web application that you install will be protected right away without doing anything manually on your end. The firewall could be handled through the section of the CP that has the same name. This is the place whereyou'll be able to disable ModSecurity or let its passive mode, so it will not take any action against threats, but will still maintain a thorough log. The recorded information is available within the same area as well and you will be able to see what IPs any attacks came from to enable you to block them, what the nature of the attempted attacks was and in accordance with what security rules ModSecurity responded. The rules we employ on our servers are a blend between commercial ones that we get from a security company and custom ones which are included by our admins to optimize the protection of any web applications hosted on our end.

ModSecurity in Dedicated Hosting

ModSecurity is provided as standard with all dedicated servers that are set up with the Hepsia Control Panel and is set to “Active” automatically for any domain you host or subdomain that you create on the server. Just in case that a web app doesn't work correctly, you may either switch off the firewall or set it to operate in passive mode. The second means that ModSecurity will keep a log of any potential attack that might take place, but won't take any action to prevent it. The logs generated in active or passive mode will offer you additional details about the exact file that was attacked, the form of the attack and the IP it originated from, and so on. This information will enable you to determine what actions you can take to increase the security of your sites, such as blocking IPs or carrying out script and plugin updates. The ModSecurity rules we use are updated regularly with a commercial pack from a third-party security enterprise we work with, but from time to time our staff add their own rules as well in case they find a new potential threat.