ModSecurity is a plugin for Apache web servers which acts as a web application layer firewall. It is used to stop attacks towards script-driven websites by employing security rules which contain particular expressions. In this way, the firewall can prevent hacking and spamming attempts and preserve even Internet sites which aren't updated regularly. For instance, multiple failed login attempts to a script administrative area or attempts to execute a specific file with the objective to get access to the script will trigger specific rules, so ModSecurity shall stop these activities the second it identifies them. The firewall is incredibly efficient because it monitors the entire HTTP traffic to an Internet site in real time without slowing it down, so it can stop an attack before any damage is done. It furthermore maintains an exceptionally comprehensive log of all attack attempts that includes more info than conventional Apache logs, so you can later examine the data and take further measures to increase the security of your Internet sites if needed.

ModSecurity in Cloud Website Hosting

ModSecurity is available with every cloud website hosting plan that we provide and it's switched on by default for any domain or subdomain which you include through your Hepsia Control Panel. In case it disrupts any of your applications or you would like to disable it for any reason, you'll be able to do that through the ModSecurity section of Hepsia with only a click. You can also enable a passive mode, so the firewall will identify potential attacks and maintain a log, but will not take any action. You can view detailed logs in the very same section, including the IP address where the attack originated from, exactly what the attacker tried to do and at what time, what ModSecurity did, etcetera. For maximum protection of our clients we use a group of commercial firewall rules combined with custom ones that are included by our system administrators.

ModSecurity in Semi-dedicated Hosting

We have integrated ModSecurity by default in all semi-dedicated hosting packages, so your web apps will be protected whenever you set them up under any domain or subdomain. The Hepsia CP that comes with the semi-dedicated accounts will allow you to enable or turn off the firewall for any website with a click. You shall also be able to switch on a passive detection mode with which ModSecurity will keep a log of potential attacks without actually stopping them. The thorough logs include the nature of the attack and what ModSecurity response this attack initiated, where it came from, etcetera. The list of rules we employ is frequently updated in order to match any new threats that may appear on the Internet and it consists of both commercial rules that we get from a security corporation and custom-written ones that our admins add in the event that they discover a threat which is not present within the commercial list yet.

ModSecurity in VPS

ModSecurity is provided with all Hepsia-based virtual private servers we offer and it shall be turned on automatically for any new domain or subdomain that you include on the web server. That way, any web application which you install shall be secured from the very beginning without doing anything manually on your end. The firewall could be handled via the section of the Control Panel that has the same name. This is the location whereyou'll be able to switch off ModSecurity or activate its passive mode, so it will not take any action toward threats, but shall still maintain a detailed log. The recorded info is available in the same area as well and you shall be able to see what IPs any attacks originated from so that you block them, what the nature of the attempted attacks was and based on what security rules ModSecurity responded. The rules we employ on our servers are a mix between commercial ones which we obtain from a security organization and custom ones that are included by our staff to enhance the security of any web applications hosted on our end.

ModSecurity in Dedicated Hosting

ModSecurity is offered by default with all dedicated servers that are set up with the Hepsia Control Panel and is set to “Active” automatically for any domain that you host or subdomain which you create on the hosting server. In case that a web app doesn't work adequately, you may either switch off the firewall or set it to operate in passive mode. The latter means that ModSecurity shall keep a log of any potential attack that may take place, but won't take any action to stop it. The logs generated in active or passive mode shall present you with more details about the exact file that was attacked, the type of the attack and the IP address it originated from, and so on. This information will allow you to decide what steps you can take to improve the security of your websites, such as blocking IPs or carrying out script and plugin updates. The ModSecurity rules which we use are updated regularly with a commercial package from a third-party security enterprise we work with, but sometimes our admins add their own rules also in case they find a new potential threat.