ModSecurity is a plugin for Apache web servers which functions as a web app layer firewall. It is used to prevent attacks towards script-driven websites through the use of security rules that contain specific expressions. That way, the firewall can block hacking and spamming attempts and preserve even websites that are not updated regularly. For example, numerous unsuccessful login attempts to a script administrative area or attempts to execute a certain file with the intention to get access to the script will trigger specific rules, so ModSecurity will block out these activities the minute it detects them. The firewall is very efficient as it tracks the entire HTTP traffic to an Internet site in real time without slowing it down, so it could stop an attack before any damage is done. It additionally maintains a very comprehensive log of all attack attempts that includes more info than typical Apache logs, so you could later analyze the data and take extra measures to enhance the security of your Internet sites if needed.

ModSecurity in Cloud Hosting

We provide ModSecurity with all cloud hosting solutions, so your Internet apps will be shielded from harmful attacks. The firewall is switched on by default for all domains and subdomains, but if you'd like, you'll be able to stop it through the respective area of your Hepsia Control Panel. You can also switch on a detection mode, so ModSecurity shall keep a log as intended, but won't take any action. The logs that you will discover within Hepsia are extremely detailed and feature info about the nature of any attack, when it occurred and from what IP address, the firewall rule which was triggered, etcetera. We use a group of commercial rules that are frequently updated, but sometimes our admins add custom rules as well so as to efficiently protect the Internet sites hosted on our servers.

ModSecurity in Semi-dedicated Servers

Any web application you install in your new semi-dedicated server account shall be protected by ModSecurity since the firewall comes with all our hosting packages and is switched on by default for any domain and subdomain which you add or create through your Hepsia hosting CP. You shall be able to manage ModSecurity via a dedicated area in Hepsia where not only can you activate or deactivate it entirely, but you could also enable a passive mode, so the firewall won't block anything, but it shall still maintain an archive of possible attacks. This normally requires simply a mouse click and you shall be able to view the logs no matter if ModSecurity is in passive or active mode through the same section - what the attack was and where it originated from, how it was handled, etc. The firewall uses two sets of rules on our web servers - a commercial one that we get from a third-party web security company and a custom one that our admins update manually in order to respond to newly discovered risks at the earliest opportunity.

ModSecurity in VPS Servers

Safety is vital to us, so we set up ModSecurity on all VPS servers which are set up with the Hepsia Control Panel by default. The firewall could be managed through a dedicated section in Hepsia and is switched on automatically when you add a new domain or create a subdomain, so you won't have to do anything manually. You shall also be able to deactivate it or turn on the so-called detection mode, so it will maintain a log of potential attacks that you can later study, but shall not stop them. The logs in both passive and active modes offer information regarding the type of the attack and how it was stopped, what IP it originated from and other useful data which may help you to tighten the security of your sites by updating them or blocking IPs, for instance. Beyond the commercial rules that we get for ModSecurity from a third-party security enterprise, we also employ our own rules as from time to time we identify specific attacks that are not yet present within the commercial pack. That way, we could improve the protection of your Virtual private server promptly instead of awaiting an official update.

ModSecurity in Dedicated Servers

ModSecurity is provided with all dedicated servers that are integrated with our Hepsia CP and you'll not have to do anything specific on your end to employ it as it's enabled by default each time you add a new domain or subdomain on your web server. In the event that it disrupts some of your applications, you will be able to stop it via the respective part of Hepsia, or you may leave it in passive mode, so it shall identify attacks and will still maintain a log for them, but shall not block them. You could analyze the logs later to find out what you can do to improve the protection of your Internet sites as you will find information such as where an intrusion attempt came from, what website was attacked and in accordance with what rule ModSecurity reacted, and so forth. The rules that we use are commercial, therefore they're regularly updated by a security company, but to be on the safe side, our administrators also add custom rules occasionally in order to react to any new threats they have discovered.