ModSecurity is a plugin for Apache web servers which functions as a web app layer firewall. It is employed to stop attacks towards script-driven Internet sites by using security rules that contain particular expressions. That way, the firewall can block hacking and spamming attempts and preserve even websites which aren't updated regularly. For instance, multiple unsuccessful login attempts to a script administrative area or attempts to execute a certain file with the purpose to get access to the script will trigger specific rules, so ModSecurity will block these activities the second it identifies them. The firewall is quite efficient because it tracks the entire HTTP traffic to a site in real time without slowing it down, so it will be able to stop an attack before any harm is done. It also maintains a very detailed log of all attack attempts that contains more info than typical Apache logs, so you can later examine the data and take extra measures to enhance the security of your websites if required.

ModSecurity in Shared Web Hosting

We offer ModSecurity with all shared web hosting packages, so your web apps will be protected against malicious attacks. The firewall is turned on as standard for all domains and subdomains, but in case you would like, you'll be able to stop it via the respective part of your Hepsia Control Panel. You'll be able to also activate a detection mode, so ModSecurity will keep a log as intended, but will not take any action. The logs that you shall discover inside Hepsia are incredibly detailed and feature info about the nature of any attack, when it occurred and from what IP address, the firewall rule that was triggered, etcetera. We employ a range of commercial rules which are regularly updated, but sometimes our admins add custom rules as well so as to efficiently protect the Internet sites hosted on our servers.

ModSecurity in Semi-dedicated Servers

Any web program that you set up within your new semi-dedicated server account shall be protected by ModSecurity since the firewall comes with all our hosting solutions and is activated by default for any domain and subdomain you add or create through your Hepsia hosting CP. You shall be able to manage ModSecurity via a dedicated section inside Hepsia where not only can you activate or deactivate it fully, but you may also switch on a passive mode, so the firewall won't stop anything, but it'll still keep a record of potential attacks. This takes simply a mouse click and you shall be able to see the logs regardless of if ModSecurity is in active or passive mode through the same section - what the attack was and where it originated from, how it was taken care of, and so forth. The firewall employs 2 groups of rules on our servers - a commercial one which we get from a third-party web security provider and a custom one that our admins update manually in order to respond to newly discovered threats as quickly as possible.

ModSecurity in VPS Servers

ModSecurity is pre-installed on all VPS servers that are set up with the Hepsia hosting CP, so your web apps will be protected from the moment your server is ready. The firewall is turned on by default for any domain or subdomain on the Virtual Private Server, but if needed, you can disable it with a click via the corresponding section of Hepsia. You could also set it to operate in detection mode, so it will keep an extensive log of any potential attacks without taking any action to prevent them. The logs can be found within the exact same section and offer info about the nature of the attack, what IP address it originated from and what ModSecurity rule was triggered to stop it. For best security, we use not simply commercial rules from a company operating in the field of web security, but also custom ones that our admins add personally so as to react to new risks which are still not tackled in the commercial rules.

ModSecurity in Dedicated Servers

ModSecurity is offered by default with all dedicated servers that are set up with the Hepsia CP and is set to “Active” automatically for any domain which you host or subdomain which you create on the server. In case that a web app doesn't work correctly, you could either turn off the firewall or set it to function in passive mode. The second means that ModSecurity shall keep a log of any possible attack that may happen, but will not take any action to prevent it. The logs produced in active or passive mode will present you with more details about the exact file that was attacked, the type of the attack and the IP it originated from, and so forth. This info shall enable you to choose what measures you can take to increase the security of your websites, for instance blocking IPs or performing script and plugin updates. The ModSecurity rules that we employ are updated often with a commercial bundle from a third-party security provider we work with, but from time to time our administrators include their own rules also in case they come across a new potential threat.