ModSecurity is a plugin for Apache web servers which functions as a web app layer firewall. It's employed to prevent attacks toward script-driven Internet sites through the use of security rules which contain certain expressions. That way, the firewall can block hacking and spamming attempts and preserve even sites which aren't updated often. For instance, several unsuccessful login attempts to a script administrative area or attempts to execute a specific file with the purpose to get access to the script shall trigger certain rules, so ModSecurity will block out these activities the second it identifies them. The firewall is very efficient because it monitors the entire HTTP traffic to a website in real time without slowing it down, so it will be able to prevent an attack before any harm is done. It furthermore keeps a very detailed log of all attack attempts that includes more information than typical Apache logs, so you could later analyze the data and take additional measures to boost the security of your websites if necessary.

ModSecurity in Hosting

We offer ModSecurity with all hosting plans, so your web applications will be shielded from destructive attacks. The firewall is switched on as standard for all domains and subdomains, but in case you'd like, you'll be able to stop it using the respective area of your Hepsia Control Panel. You'll be able to also activate a detection mode, so ModSecurity will keep a log as intended, but will not take any action. The logs which you'll find within Hepsia are incredibly detailed and feature information about the nature of any attack, when it occurred and from what IP, the firewall rule which was triggered, and so forth. We use a group of commercial rules that are regularly updated, but sometimes our administrators add custom rules as well so as to efficiently protect the sites hosted on our machines.

ModSecurity in Semi-dedicated Servers

All semi-dedicated server packages which we offer come with ModSecurity and because the firewall is enabled by default, any Internet site which you set up under a domain or a subdomain shall be protected straight away. An individual section within the Hepsia CP that comes with the semi-dedicated accounts is dedicated to ModSecurity and it shall permit you to start and stop the firewall for any site or activate a detection mode. With the last option, ModSecurity will not take any action, but it shall still detect possible attacks and shall keep all information in a log as if it were fully active. The logs could be found within the exact same section of the Control Panel and they offer information about the IP where an attack originated from, what its nature was, what rule ModSecurity applies to recognize and stop it, and so on. The security rules which we use on our servers are a mix between commercial ones from a security company and custom ones created by our system admins. Consequently, we provide increased security for your web apps as we can protect them from attacks even before security firms release updates for new threats.

ModSecurity in VPS Servers

Security is extremely important to us, so we install ModSecurity on all VPS servers which are made available with the Hepsia CP by default. The firewall can be managed through a dedicated section within Hepsia and is switched on automatically when you include a new domain or create a subdomain, so you'll not need to do anything personally. You will also be able to deactivate it or switch on the so-called detection mode, so it will keep a log of potential attacks that you can later examine, but shall not prevent them. The logs in both passive and active modes offer information about the kind of the attack and how it was eliminated, what IP address it came from and other important data which might help you to tighten the security of your sites by updating them or blocking IPs, for example. Beyond the commercial rules which we get for ModSecurity from a third-party security enterprise, we also employ our own rules since occasionally we find specific attacks that aren't yet present in the commercial package. That way, we could enhance the protection of your VPS instantly as opposed to waiting for a certified update.

ModSecurity in Dedicated Servers

ModSecurity is available as standard with all dedicated servers that are set up with the Hepsia CP and is set to “Active” automatically for any domain you host or subdomain you create on the web server. In the event that a web application doesn't work properly, you can either disable the firewall or set it to function in passive mode. The second means that ModSecurity shall maintain a log of any possible attack which might take place, but won't take any action to prevent it. The logs generated in active or passive mode will offer you additional details about the exact file which was attacked, the form of the attack and the IP address it came from, and so forth. This data shall allow you to choose what actions you can take to boost the protection of your Internet sites, including blocking IPs or performing script and plugin updates. The ModSecurity rules which we employ are updated frequently with a commercial package from a third-party security company we work with, but occasionally our admins add their own rules too if they find a new potential threat.