ModSecurity is a plugin for Apache web servers which acts as a web app layer firewall. It is used to prevent attacks toward script-driven websites by using security rules that contain certain expressions. In this way, the firewall can block hacking and spamming attempts and shield even sites which aren't updated often. As an example, a number of failed login attempts to a script administrator area or attempts to execute a particular file with the purpose to get access to the script will trigger specific rules, so ModSecurity will stop these activities the moment it discovers them. The firewall is very efficient since it tracks the whole HTTP traffic to a site in real time without slowing it down, so it can easily stop an attack before any harm is done. It also maintains an incredibly detailed log of all attack attempts that features more info than conventional Apache logs, so you could later examine the data and take extra measures to enhance the security of your websites if needed.

ModSecurity in Website Hosting

ModSecurity can be found with every single website hosting solution that we offer and it's turned on by default for every domain or subdomain that you add via your Hepsia Control Panel. In the event that it disrupts any of your apps or you would like to disable it for whatever reason, you shall be able to accomplish that through the ModSecurity area of Hepsia with only a mouse click. You may also activate a passive mode, so the firewall will detect potential attacks and maintain a log, but shall not take any action. You'll be able to view detailed logs in the very same section, including the IP where the attack originated from, exactly what the attacker attempted to do and at what time, what ModSecurity did, etcetera. For max protection of our clients we use a group of commercial firewall rules mixed with custom ones which are provided by our system admins.

ModSecurity in Semi-dedicated Servers

All semi-dedicated server solutions which we offer feature ModSecurity and given that the firewall is enabled by default, any website that you set up under a domain or a subdomain will be protected immediately. An individual section within the Hepsia CP that comes with the semi-dedicated accounts is dedicated to ModSecurity and it shall allow you to start and stop the firewall for any Internet site or enable a detection mode. With the latter, ModSecurity will not take any action, but it'll still detect possible attacks and will keep all information in a log as if it were completely active. The logs could be found inside the very same section of the CP and they offer info about the IP where an attack originated from, what its nature was, what rule ModSecurity applies to recognize and stop it, and so forth. The security rules that we employ on our machines are a mix of commercial ones from a security business and custom ones made by our system administrators. Therefore, we offer increased security for your web programs as we can shield them from attacks even before security corporations release updates for completely new threats.

ModSecurity in VPS Servers

All VPS servers that are provided with the Hepsia CP come with ModSecurity. The firewall is set up and activated by default for all domains which are hosted on the web server, so there won't be anything special that you will have to do to protect your Internet sites. It shall take you just a click to stop ModSecurity if needed or to switch on its passive mode so that it records what goes on without taking any actions to stop intrusions. You shall be able to see the logs created in active or passive mode via the corresponding section of Hepsia and learn more about the type of the attack, where it originated from, what rule the firewall employed to take care of it, etc. We employ a mixture of commercial and custom rules so as to make certain that ModSecurity shall block as many threats as possible, consequently boosting the protection of your web programs as much as possible.

ModSecurity in Dedicated Servers

ModSecurity is offered as standard with all dedicated servers which are set up with the Hepsia CP and is set to “Active” automatically for any domain you host or subdomain that you create on the server. In the event that a web app doesn't function adequately, you may either switch off the firewall or set it to function in passive mode. The latter means that ModSecurity will maintain a log of any possible attack that could occur, but won't take any action to stop it. The logs generated in active or passive mode shall offer you more details about the exact file which was attacked, the nature of the attack and the IP it originated from, etcetera. This data shall enable you to determine what actions you can take to boost the security of your Internet sites, including blocking IPs or carrying out script and plugin updates. The ModSecurity rules we employ are updated regularly with a commercial package from a third-party security provider we work with, but from time to time our admins include their own rules as well in case they come across a new potential threat.