ModSecurity is a plugin for Apache web servers which acts as a web app layer firewall. It is used to prevent attacks towards script-driven Internet sites by using security rules that contain certain expressions. That way, the firewall can block hacking and spamming attempts and protect even websites that aren't updated on a regular basis. As an example, numerous failed login attempts to a script admin area or attempts to execute a certain file with the purpose to get access to the script shall trigger specific rules, so ModSecurity shall block these activities the minute it detects them. The firewall is quite efficient because it screens the entire HTTP traffic to a site in real time without slowing it down, so it could stop an attack before any harm is done. It also maintains an exceptionally comprehensive log of all attack attempts that includes more info than traditional Apache logs, so you can later examine the data and take additional measures to boost the security of your websites if needed.

ModSecurity in Shared Web Hosting

ModSecurity can be found with every single shared web hosting plan which we provide and it is switched on by default for any domain or subdomain which you include through your Hepsia CP. If it disrupts any of your applications or you'd like to disable it for any reason, you'll be able to do that through the ModSecurity section of Hepsia with merely a mouse click. You can also enable a passive mode, so the firewall will detect potential attacks and maintain a log, but will not take any action. You can see extensive logs in the very same section, including the IP address where the attack came from, what exactly the attacker aimed to do and at what time, what ModSecurity did, etc. For maximum safety of our clients we use a collection of commercial firewall rules mixed with custom ones which are added by our system administrators.

ModSecurity in Semi-dedicated Servers

We have integrated ModSecurity as a standard within all semi-dedicated server packages, so your web applications shall be protected the instant you install them under any domain or subdomain. The Hepsia CP which is included with the semi-dedicated accounts shall allow you to enable or turn off the firewall for any Internet site with a mouse click. You shall also be able to switch on a passive detection mode with which ModSecurity shall maintain a log of potential attacks without actually stopping them. The detailed logs include the nature of the attack and what ModSecurity response that attack generated, where it came from, etc. The list of rules which we employ is frequently updated as to match any new risks that could appear on the Internet and it consists of both commercial rules that we get from a security firm and custom-written ones that our administrators add in case they find a threat that is not present inside the commercial list yet.

ModSecurity in VPS Servers

All VPS servers that are set up with the Hepsia Control Panel include ModSecurity. The firewall is installed and switched on by default for all domains that are hosted on the machine, so there shall not be anything special which you shall have to do to protect your websites. It'll take you just a click to stop ModSecurity if required or to turn on its passive mode so that it records what goes on without taking any measures to prevent intrusions. You shall be able to look at the logs generated in passive or active mode from the corresponding section of Hepsia and find out more about the form of the attack, where it came from, what rule the firewall employed to deal with it, and so forth. We use a combination of commercial and custom rules so as to make sure that ModSecurity will prevent as many risks as possible, hence enhancing the protection of your web applications as much as possible.

ModSecurity in Dedicated Servers

All of our dedicated servers that are installed with the Hepsia hosting Control Panel come with ModSecurity, so any app which you upload or install shall be properly secured from the very beginning and you won't have to concern yourself with common attacks or vulnerabilities. A separate section within Hepsia will permit you to start or stop the firewall for every domain or subdomain, or turn on a detection mode so that it records details about intrusions, but doesn't take actions to prevent them. What you will find in the logs can easily help you to secure your Internet sites better - the IP an attack originated from, what site was attacked and exactly how, what ModSecurity rule was triggered, and so forth. With this info, you could see if an Internet site needs an update, if you ought to block IPs from accessing your hosting server, etcetera. On top of the third-party commercial security rules for ModSecurity that we use, our administrators include custom ones too if they find a new threat that is not yet included in the commercial bundle.