ModSecurity is a plugin for Apache web servers that functions as a web application layer firewall. It is used to stop attacks against script-driven sites by using security rules that contain specific expressions. That way, the firewall can block hacking and spamming attempts and preserve even sites that aren't updated regularly. As an example, multiple unsuccessful login attempts to a script administrative area or attempts to execute a particular file with the objective to get access to the script will trigger certain rules, so ModSecurity will block these activities the second it discovers them. The firewall is extremely efficient as it tracks the whole HTTP traffic to an Internet site in real time without slowing it down, so it can prevent an attack before any harm is done. It additionally maintains a very detailed log of all attack attempts which includes more info than conventional Apache logs, so you can later check out the data and take additional measures to increase the security of your Internet sites if required.

ModSecurity in Website Hosting

We provide ModSecurity with all website hosting packages, so your Internet applications will be resistant to destructive attacks. The firewall is switched on as standard for all domains and subdomains, but if you would like, you shall be able to stop it via the respective area of your Hepsia Control Panel. You'll be able to also switch on a detection mode, so ModSecurity shall keep a log as intended, but will not take any action. The logs that you'll discover inside Hepsia are quite detailed and feature information about the nature of any attack, when it transpired and from what IP, the firewall rule which was triggered, and so forth. We use a group of commercial rules that are constantly updated, but sometimes our administrators add custom rules as well so as to better protect the websites hosted on our servers.

ModSecurity in Semi-dedicated Hosting

Any web app that you install within your new semi-dedicated hosting account will be protected by ModSecurity because the firewall comes with all our hosting plans and is switched on by default for any domain and subdomain that you include or create via your Hepsia hosting Control Panel. You shall be able to manage ModSecurity via a dedicated section inside Hepsia where not only could you activate or deactivate it fully, but you could also enable a passive mode, so the firewall won't stop anything, but it'll still maintain an archive of potential attacks. This requires only a click and you will be able to look at the logs regardless if ModSecurity is in active or passive mode through the same section - what the attack was and where it originated from, how it was handled, etc. The firewall employs two groups of rules on our machines - a commercial one that we get from a third-party web security company and a custom one which our administrators update personally as to respond to recently discovered threats as quickly as possible.

ModSecurity in VPS

Protection is essential to us, so we set up ModSecurity on all virtual private servers that are provided with the Hepsia CP as a standard. The firewall can be managed through a dedicated section within Hepsia and is activated automatically when you add a new domain or create a subdomain, so you'll not need to do anything personally. You will also be able to deactivate it or activate the so-called detection mode, so it'll keep a log of potential attacks you can later analyze, but will not prevent them. The logs in both passive and active modes offer info regarding the form of the attack and how it was eliminated, what IP it came from and other useful data that could help you to tighten the security of your sites by updating them or blocking IPs, for instance. Beyond the commercial rules we get for ModSecurity from a third-party security company, we also use our own rules as occasionally we identify specific attacks that aren't yet present inside the commercial package. That way, we can enhance the security of your Virtual private server instantly as opposed to awaiting a certified update.

ModSecurity in Dedicated Hosting

ModSecurity is included with all dedicated servers which are set up with our Hepsia CP and you'll not have to do anything specific on your end to use it because it's turned on by default whenever you add a new domain or subdomain on your hosting server. If it disrupts some of your apps, you shall be able to stop it through the respective part of Hepsia, or you may leave it operating in passive mode, so it will detect attacks and will still maintain a log for them, but won't stop them. You may examine the logs later to find out what you can do to increase the security of your Internet sites as you'll find details such as where an intrusion attempt came from, what site was attacked and based upon what rule ModSecurity reacted, etcetera. The rules that we employ are commercial, thus they are regularly updated by a security provider, but to be on the safe side, our staff also add custom rules every now and then in order to deal with any new threats they have found.