ModSecurity is a plugin for Apache web servers that functions as a web application layer firewall. It's employed to prevent attacks toward script-driven Internet sites by employing security rules that contain particular expressions. That way, the firewall can prevent hacking and spamming attempts and protect even websites that aren't updated regularly. For example, several unsuccessful login attempts to a script admin area or attempts to execute a particular file with the purpose to get access to the script shall trigger specific rules, so ModSecurity shall block out these activities the second it detects them. The firewall is incredibly efficient because it monitors the whole HTTP traffic to a website in real time without slowing it down, so it can prevent an attack before any damage is done. It additionally maintains an exceptionally thorough log of all attack attempts that contains more information than standard Apache logs, so you can later check out the data and take additional measures to boost the security of your Internet sites if needed.

ModSecurity in Shared Hosting

We provide ModSecurity with all shared hosting solutions, so your web apps will be protected against destructive attacks. The firewall is switched on by default for all domains and subdomains, but if you would like, you shall be able to stop it via the respective part of your Hepsia Control Panel. You can also switch on a detection mode, so ModSecurity shall keep a log as intended, but shall not take any action. The logs that you will find inside Hepsia are very detailed and include info about the nature of any attack, when it happened and from what IP address, the firewall rule which was triggered, etcetera. We employ a group of commercial rules that are regularly updated, but sometimes our admins add custom rules as well so as to efficiently protect the sites hosted on our servers.

ModSecurity in Semi-dedicated Servers

Any web program which you set up within your new semi-dedicated server account will be protected by ModSecurity because the firewall comes with all our hosting solutions and is activated by default for any domain and subdomain which you add or create via your Hepsia hosting Control Panel. You will be able to manage ModSecurity through a dedicated section in Hepsia where not only could you activate or deactivate it entirely, but you could also activate a passive mode, so the firewall won't block anything, but it shall still maintain an archive of possible attacks. This takes just a click and you will be able to look at the logs no matter if ModSecurity is in active or passive mode through the same section - what the attack was and where it came from, how it was handled, and so forth. The firewall employs two sets of rules on our servers - a commercial one which we get from a third-party web security company and a custom one which our administrators update personally in order to respond to newly discovered risks immediately.

ModSecurity in VPS Servers

Security is extremely important to us, so we install ModSecurity on all VPS servers which are provided with the Hepsia Control Panel as a standard. The firewall can be managed through a dedicated section within Hepsia and is turned on automatically when you add a new domain or create a subdomain, so you'll not need to do anything manually. You shall also be able to disable it or switch on the so-called detection mode, so it'll maintain a log of possible attacks which you can later examine, but shall not block them. The logs in both passive and active modes contain info about the kind of the attack and how it was stopped, what IP address it came from and other valuable info that may help you to tighten the security of your Internet sites by updating them or blocking IPs, for instance. In addition to the commercial rules which we get for ModSecurity from a third-party security enterprise, we also implement our own rules since occasionally we discover specific attacks that are not yet present in the commercial package. This way, we could boost the security of your VPS right away instead of waiting for an official update.

ModSecurity in Dedicated Servers

ModSecurity is provided by default with all dedicated servers that are set up with the Hepsia Control Panel and is set to “Active” automatically for any domain which you host or subdomain you create on the server. In the event that a web application doesn't function correctly, you may either switch off the firewall or set it to operate in passive mode. The second means that ModSecurity will keep a log of any possible attack which may take place, but shall not take any action to stop it. The logs created in active or passive mode shall offer you more details about the exact file that was attacked, the nature of the attack and the IP address it originated from, etcetera. This info shall permit you to determine what actions you can take to boost the security of your sites, for instance blocking IPs or carrying out script and plugin updates. The ModSecurity rules which we employ are updated constantly with a commercial bundle from a third-party security enterprise we work with, but occasionally our admins include their own rules as well in case they come across a new potential threat.