ModSecurity is a plugin for Apache web servers which functions as a web app layer firewall. It's employed to prevent attacks toward script-driven websites by employing security rules which contain particular expressions. In this way, the firewall can prevent hacking and spamming attempts and protect even Internet sites that aren't updated often. For example, numerous failed login attempts to a script administrator area or attempts to execute a certain file with the purpose to get access to the script will trigger certain rules, so ModSecurity shall stop these activities the moment it detects them. The firewall is quite efficient because it monitors the entire HTTP traffic to a site in real time without slowing it down, so it will be able to stop an attack before any damage is done. It also keeps a very thorough log of all attack attempts which features more info than standard Apache logs, so you could later analyze the data and take additional measures to enhance the security of your sites if required.

ModSecurity in Shared Web Hosting

We provide ModSecurity with all shared web hosting plans, so your web apps shall be shielded from malicious attacks. The firewall is activated as standard for all domains and subdomains, but if you'd like, you'll be able to stop it using the respective part of your Hepsia CP. You can also switch on a detection mode, so ModSecurity shall keep a log as intended, but shall not take any action. The logs that you will discover within Hepsia are very detailed and offer data about the nature of any attack, when it occurred and from what IP, the firewall rule that was triggered, etcetera. We employ a set of commercial rules which are constantly updated, but sometimes our admins add custom rules as well so as to efficiently protect the sites hosted on our machines.

ModSecurity in Semi-dedicated Hosting

Any web app that you set up in your new semi-dedicated hosting account shall be protected by ModSecurity since the firewall is provided with all our hosting plans and is switched on by default for any domain and subdomain which you include or create via your Hepsia hosting CP. You will be able to manage ModSecurity via a dedicated area within Hepsia where not simply can you activate or deactivate it fully, but you can also activate a passive mode, so the firewall won't block anything, but it will still keep a record of potential attacks. This normally requires simply a mouse click and you shall be able to see the logs regardless if ModSecurity is in active or passive mode through the same section - what the attack was and where it came from, how it was dealt with, etcetera. The firewall employs 2 sets of rules on our servers - a commercial one that we get from a third-party web security company and a custom one that our administrators update manually in order to respond to newly discovered threats as quickly as possible.

ModSecurity in VPS Web Hosting

All virtual private servers which are provided with the Hepsia Control Panel include ModSecurity. The firewall is set up and turned on by default for all domains that are hosted on the server, so there shall not be anything special that you'll have to do to protect your sites. It'll take you simply a click to stop ModSecurity if required or to turn on its passive mode so that it records what occurs without taking any steps to stop intrusions. You'll be able to see the logs generated in passive or active mode through the corresponding section of Hepsia and learn more about the type of the attack, where it originated from, what rule the firewall used to take care of it, and so forth. We use a combination of commercial and custom rules so as to make sure that ModSecurity shall prevent as many risks as possible, therefore increasing the security of your web applications as much as possible.

ModSecurity in Dedicated Servers Hosting

All of our dedicated servers that are installed with the Hepsia hosting Control Panel feature ModSecurity, so any application that you upload or set up will be protected from the very beginning and you won't have to worry about common attacks or vulnerabilities. A separate section within Hepsia will enable you to start or stop the firewall for every domain or subdomain, or turn on a detection mode so that it records information about intrusions, but doesn't take actions to stop them. What you'll find in the logs can enable you to to secure your websites better - the IP an attack originated from, what website was attacked and how, what ModSecurity rule was triggered, etcetera. With this info, you could see if a website needs an update, if you should block IPs from accessing your server, and so forth. Besides the third-party commercial security rules for ModSecurity we use, our admins add custom ones as well if they discover a new threat which is not yet in the commercial bundle.