ModSecurity is a plugin for Apache web servers which acts as a web application layer firewall. It's employed to prevent attacks towards script-driven sites through the use of security rules that contain certain expressions. This way, the firewall can stop hacking and spamming attempts and protect even Internet sites which aren't updated regularly. For instance, a number of failed login attempts to a script administrative area or attempts to execute a specific file with the purpose to get access to the script will trigger certain rules, so ModSecurity will block these activities the second it discovers them. The firewall is extremely efficient since it monitors the whole HTTP traffic to an Internet site in real time without slowing it down, so it could prevent an attack before any damage is done. It also keeps an incredibly comprehensive log of all attack attempts which features more information than traditional Apache logs, so you could later check out the data and take extra measures to increase the security of your websites if needed.

ModSecurity in Web Hosting

ModSecurity comes standard with all web hosting plans that we supply and it shall be switched on automatically for any domain or subdomain you add/create within your Hepsia hosting CP. The firewall has 3 different modes, so you can switch on and deactivate it with only a mouse click or set it to detection mode, so it shall maintain a log of all attacks, but it will not do anything to prevent them. The log for any of your Internet sites shall include elaborate information which includes the nature of the attack, where it came from, what action was taken by ModSecurity, and so forth. The firewall rules we use are frequently updated and include both commercial ones which we get from a third-party security business and custom ones our system administrators include in case that they detect a new kind of attacks. In this way, the websites that you host here will be much more secure without any action required on your end.

ModSecurity in Semi-dedicated Servers

All semi-dedicated server solutions which we offer feature ModSecurity and since the firewall is switched on by default, any site that you build under a domain or a subdomain shall be secured right away. A separate section within the Hepsia Control Panel which comes with the semi-dedicated accounts is dedicated to ModSecurity and it'll enable you to stop and start the firewall for any website or activate a detection mode. With the latter, ModSecurity shall not take any action, but it will still recognize possible attacks and will keep all data within a log as if it were completely active. The logs can be found within the very same section of the Control Panel and they offer info about the IP where an attack came from, what its nature was, what rule ModSecurity applies to recognize and stop it, and so on. The security rules that we employ on our web servers are a mix between commercial ones from a security company and custom ones created by our system administrators. Consequently, we offer increased security for your web programs as we can shield them from attacks before security firms release updates for new threats.

ModSecurity in VPS Servers

ModSecurity is pre-installed on all VPS servers that are provided with the Hepsia hosting Control Panel, so your web applications shall be secured from the instant your server is in a position. The firewall is switched on by default for any domain or subdomain on the VPS, but if needed, you'll be able to disable it with a mouse click via the corresponding section of Hepsia. You can also set it to work in detection mode, so it will keep a detailed log of any possible attacks without taking any action to prevent them. The logs are available inside the exact same section and offer info about the nature of the attack, what IP address it originated from and what ModSecurity rule was activated to stop it. For maximum security, we employ not simply commercial rules from a firm operating in the field of web security, but also custom ones our admins add personally in order to react to new risks that are still not tackled in the commercial rules.

ModSecurity in Dedicated Servers

ModSecurity is included with all dedicated servers that are set up with our Hepsia CP and you won't need to do anything specific on your end to employ it because it's switched on by default every time you add a new domain or subdomain on your web server. If it interferes with any of your applications, you'll be able to stop it through the respective section of Hepsia, or you may leave it operating in passive mode, so it will recognize attacks and will still maintain a log for them, but will not stop them. You may look at the logs later to find out what you can do to increase the security of your sites as you'll find info such as where an intrusion attempt came from, what site was attacked and based on what rule ModSecurity reacted, etcetera. The rules which we employ are commercial, thus they're constantly updated by a security company, but to be on the safe side, our admins also add custom rules from time to time as to respond to any new threats they have discovered.