ModSecurity is a plugin for Apache web servers that functions as a web application layer firewall. It is employed to prevent attacks against script-driven sites through the use of security rules which contain certain expressions. That way, the firewall can block hacking and spamming attempts and shield even websites that are not updated on a regular basis. For instance, numerous unsuccessful login attempts to a script administrator area or attempts to execute a specific file with the objective to get access to the script shall trigger specific rules, so ModSecurity shall block out these activities the second it detects them. The firewall is quite efficient since it monitors the whole HTTP traffic to a website in real time without slowing it down, so it can easily stop an attack before any damage is done. It furthermore keeps a very thorough log of all attack attempts which includes more info than typical Apache logs, so you can later analyze the data and take further measures to improve the security of your websites if needed.

ModSecurity in Web Hosting

ModSecurity is provided with all web hosting web servers, so if you opt to host your sites with our organization, they shall be resistant to a wide range of attacks. The firewall is enabled by default for all domains and subdomains, so there'll be nothing you shall have to do on your end. You shall be able to stop ModSecurity for any Internet site if needed, or to enable a detection mode, so all activity will be recorded, but the firewall will not take any real action. You will be able to view specific logs from your Hepsia CP including the IP where the attack came from, what the attacker planned to do and how ModSecurity handled the threat. Since we take the protection of our customers' websites very seriously, we employ a set of commercial rules which we take from one of the leading firms that maintain this kind of rules. Our administrators also add custom rules to make certain that your Internet sites shall be shielded from as many risks as possible.

ModSecurity in Semi-dedicated Hosting

Any web application which you set up in your new semi-dedicated hosting account will be protected by ModSecurity as the firewall is provided with all our hosting packages and is turned on by default for any domain and subdomain you include or create through your Hepsia hosting CP. You shall be able to manage ModSecurity via a dedicated section within Hepsia where not only could you activate or deactivate it completely, but you could also enable a passive mode, so the firewall won't stop anything, but it'll still keep an archive of possible attacks. This normally requires only a click and you shall be able to look at the logs regardless if ModSecurity is in passive or active mode through the same section - what the attack was and where it came from, how it was handled, etc. The firewall uses 2 sets of rules on our machines - a commercial one that we get from a third-party web security company and a custom one that our admins update personally in order to respond to recently discovered risks at the earliest opportunity.

ModSecurity in VPS Hosting

ModSecurity is provided with all Hepsia-based virtual private servers which we offer and it'll be activated automatically for every new domain or subdomain you add on the machine. This way, any web application you install shall be protected right from the start without doing anything manually on your end. The firewall may be managed from the section of the Control Panel which has the same name. This is the place whereyou could switch off ModSecurity or activate its passive mode, so it won't take any action towards threats, but shall still keep a thorough log. The recorded data is available in the same area as well and you shall be able to see what IPs any attacks originated from so that you block them, what the nature of the attempted attacks was and based on what security rules ModSecurity reacted. The rules that we use on our servers are a blend between commercial ones we get from a security company and custom ones which are added by our administrators to enhance the protection of any web apps hosted on our end.

ModSecurity in Dedicated Web Hosting

ModSecurity is available as standard with all dedicated servers which are set up with the Hepsia Control Panel and is set to “Active” automatically for any domain you host or subdomain which you create on the hosting server. In case that a web app does not operate correctly, you can either disable the firewall or set it to operate in passive mode. The second means that ModSecurity will keep a log of any possible attack which may occur, but will not take any action to prevent it. The logs created in passive or active mode will provide you with additional details about the exact file which was attacked, the nature of the attack and the IP it originated from, etcetera. This data shall permit you to determine what actions you can take to enhance the security of your Internet sites, for instance blocking IPs or carrying out script and plugin updates. The ModSecurity rules we employ are updated constantly with a commercial package from a third-party security firm we work with, but oftentimes our staff include their own rules too in case they come across a new potential threat.