ModSecurity is a plugin for Apache web servers that acts as a web application layer firewall. It is employed to prevent attacks against script-driven Internet sites through the use of security rules that contain certain expressions. This way, the firewall can block hacking and spamming attempts and protect even websites which are not updated often. For example, multiple failed login attempts to a script administrative area or attempts to execute a specific file with the intention to get access to the script will trigger specific rules, so ModSecurity will stop these activities the second it identifies them. The firewall is very efficient since it monitors the entire HTTP traffic to a site in real time without slowing it down, so it will be able to stop an attack before any harm is done. It furthermore keeps an exceptionally comprehensive log of all attack attempts which contains more info than typical Apache logs, so you can later check out the data and take extra measures to increase the security of your sites if needed.

ModSecurity in Cloud Hosting

ModSecurity can be found with each and every cloud hosting package which we offer and it is turned on by default for any domain or subdomain that you include through your Hepsia Control Panel. In the event that it disrupts any of your applications or you would like to disable it for whatever reason, you will be able to do this through the ModSecurity area of Hepsia with only a click. You can also activate a passive mode, so the firewall will recognize possible attacks and maintain a log, but won't take any action. You could see detailed logs in the exact same section, including the IP where the attack originated from, exactly what the attacker tried to do and at what time, what ModSecurity did, etc. For maximum protection of our customers we use a collection of commercial firewall rules mixed with custom ones which are provided by our system admins.

ModSecurity in Semi-dedicated Hosting

Any web application you set up in your new semi-dedicated hosting account shall be protected by ModSecurity since the firewall comes with all our hosting plans and is switched on by default for any domain and subdomain that you include or create through your Hepsia hosting Control Panel. You shall be able to manage ModSecurity via a dedicated section inside Hepsia where not simply can you activate or deactivate it completely, but you can also switch on a passive mode, so the firewall will not stop anything, but it will still keep an archive of potential attacks. This normally requires just a click and you'll be able to see the logs regardless of if ModSecurity is in active or passive mode through the same section - what the attack was and where it came from, how it was addressed, and so forth. The firewall employs 2 groups of rules on our machines - a commercial one which we get from a third-party web security company and a custom one that our admins update personally as to respond to newly discovered threats as quickly as possible.

ModSecurity in VPS

ModSecurity is provided with all Hepsia-based virtual private servers we offer and it shall be turned on automatically for every new domain or subdomain which you include on the hosting server. In this way, any web app which you install shall be secured from the very beginning without doing anything personally on your end. The firewall could be handled from the section of the CP which bears the same name. This is the area whereyou could switch off ModSecurity or enable its passive mode, so it will not take any action towards threats, but will still maintain a comprehensive log. The recorded info is available within the same area as well and you'll be able to see what IPs any attacks came from so that you block them, what the nature of the attempted attacks was and based upon what security rules ModSecurity responded. The rules that we employ on our servers are a mixture between commercial ones that we obtain from a security firm and custom ones that are added by our staff to maximize the protection of any web applications hosted on our end.

ModSecurity in Dedicated Hosting

ModSecurity is provided as standard with all dedicated servers that are set up with the Hepsia Control Panel and is set to “Active” automatically for any domain you host or subdomain which you create on the web server. In case that a web app does not work properly, you could either switch off the firewall or set it to operate in passive mode. The second means that ModSecurity will maintain a log of any possible attack which might take place, but won't take any action to prevent it. The logs generated in active or passive mode will offer you more details about the exact file which was attacked, the form of the attack and the IP address it originated from, etc. This information will enable you to determine what actions you can take to increase the security of your sites, including blocking IPs or performing script and plugin updates. The ModSecurity rules we use are updated constantly with a commercial bundle from a third-party security firm we work with, but sometimes our staff include their own rules too if they find a new potential threat.