ModSecurity is a plugin for Apache web servers that acts as a web application layer firewall. It's employed to prevent attacks against script-driven Internet sites by using security rules that contain particular expressions. That way, the firewall can stop hacking and spamming attempts and shield even Internet sites which aren't updated on a regular basis. As an example, numerous unsuccessful login attempts to a script admin area or attempts to execute a specific file with the intention to get access to the script shall trigger certain rules, so ModSecurity shall block these activities the second it discovers them. The firewall is very efficient because it monitors the entire HTTP traffic to a website in real time without slowing it down, so it can easily prevent an attack before any damage is done. It also maintains an incredibly detailed log of all attack attempts that features more info than traditional Apache logs, so you can later check out the data and take further measures to improve the security of your websites if required.

ModSecurity in Shared Hosting

ModSecurity is supplied with all shared hosting servers, so if you choose to host your websites with our business, they will be protected against a wide range of attacks. The firewall is enabled as standard for all domains and subdomains, so there'll be nothing you'll need to do on your end. You'll be able to stop ModSecurity for any Internet site if needed, or to activate a detection mode, so that all activity will be recorded, but the firewall won't take any real action. You shall be able to view specific logs through your Hepsia Control Panel including the IP where the attack came from, what the attacker wanted to do and how ModSecurity handled the threat. Since we take the security of our clients' Internet sites very seriously, we use a selection of commercial rules that we take from one of the best firms that maintain such rules. Our administrators also add custom rules to make certain that your websites shall be protected against as many risks as possible.

ModSecurity in Semi-dedicated Servers

We've integrated ModSecurity as a standard within all semi-dedicated server plans, so your web applications shall be protected the instant you install them under any domain or subdomain. The Hepsia Control Panel which is included with the semi-dedicated accounts shall permit you to enable or disable the firewall for any site with a mouse click. You'll also be able to switch on a passive detection mode through which ModSecurity will maintain a log of potential attacks without really preventing them. The thorough logs contain the nature of the attack and what ModSecurity response this attack triggered, where it came from, and so on. The list of rules that we employ is regularly updated as to match any new threats which could appear on the Internet and it comes with both commercial rules that we get from a security company and custom-written ones that our administrators add in the event that they discover a threat that is not present inside the commercial list yet.

ModSecurity in VPS Servers

ModSecurity is pre-installed on all VPS servers which are offered with the Hepsia hosting CP, so your web applications shall be secured from the moment your server is ready. The firewall is switched on by default for any domain or subdomain on the VPS, but if required, you could disable it with a click of your mouse via the corresponding section of Hepsia. You can also set it to operate in detection mode, so it shall keep an extensive log of any possible attacks without taking any action to stop them. The logs can be found inside the very same section and include information about the nature of the attack, what IP address it came from and what ModSecurity rule was initiated to stop it. For best security, we use not simply commercial rules from a company working in the field of web security, but also custom ones that our admins include manually in order to react to new threats that are still not tackled in the commercial rules.

ModSecurity in Dedicated Servers

ModSecurity is provided as standard with all dedicated servers which are set up with the Hepsia Control Panel and is set to “Active” automatically for any domain that you host or subdomain you create on the hosting server. In the event that a web app doesn't work properly, you may either switch off the firewall or set it to function in passive mode. The latter means that ModSecurity will keep a log of any possible attack that may happen, but shall not take any action to stop it. The logs generated in active or passive mode shall give you additional details about the exact file which was attacked, the type of the attack and the IP address it came from, etc. This information shall enable you to choose what steps you can take to enhance the security of your websites, for instance blocking IPs or carrying out script and plugin updates. The ModSecurity rules we employ are updated regularly with a commercial package from a third-party security firm we work with, but sometimes our administrators add their own rules as well in the event that they identify a new potential threat.