ModSecurity is a plugin for Apache web servers that functions as a web app layer firewall. It is used to prevent attacks against script-driven sites by employing security rules which contain certain expressions. This way, the firewall can prevent hacking and spamming attempts and protect even sites that aren't updated regularly. As an example, several failed login attempts to a script administrator area or attempts to execute a particular file with the purpose to get access to the script shall trigger particular rules, so ModSecurity shall block out these activities the instant it detects them. The firewall is quite efficient as it tracks the entire HTTP traffic to an Internet site in real time without slowing it down, so it could prevent an attack before any damage is done. It additionally maintains an exceptionally comprehensive log of all attack attempts which features more info than standard Apache logs, so you could later analyze the data and take further measures to increase the security of your websites if required.

ModSecurity in Cloud Hosting

ModSecurity is offered with each cloud hosting package which we offer and it's turned on by default for every domain or subdomain which you include via your Hepsia CP. In case it interferes with any of your programs or you'd like to disable it for any reason, you'll be able to do that through the ModSecurity area of Hepsia with only a click. You can also use a passive mode, so the firewall will recognize potential attacks and maintain a log, but shall not take any action. You could view comprehensive logs in the same section, including the IP address where the attack originated from, what precisely the attacker tried to do and at what time, what ModSecurity did, and so on. For max safety of our customers we use a set of commercial firewall rules mixed with custom ones which are provided by our system admins.

ModSecurity in Semi-dedicated Servers

ModSecurity is part of our semi-dedicated server plans and if you decide to host your sites with our company, there will not be anything special you will have to do as the firewall is switched on by default for all domains and subdomains that you add via your hosting Control Panel. If required, you could disable ModSecurity for a certain Internet site or enable the so-called detection mode in which case the firewall shall still operate and record info, but will not do anything to stop potential attacks against your sites. Comprehensive logs shall be accessible inside your Control Panel and you shall be able to see what sort of attacks occurred, what security rules were triggered and how the firewall handled the threats, what IP addresses the attacks came from, etc. We employ 2 types of rules on our servers - commercial ones from a business that operates in the field of web security, and custom made ones that our administrators occasionally include to respond to newly identified threats promptly.

ModSecurity in VPS Servers

ModSecurity is pre-installed on all VPS servers which are set up with the Hepsia hosting CP, so your web programs shall be secured from the instant your server is in a position. The firewall is switched on by default for any domain or subdomain on the VPS, but if required, you can disable it with a click of your mouse from the corresponding section of Hepsia. You can also set it to function in detection mode, so it'll maintain a detailed log of any possible attacks without taking any action to stop them. The logs are available inside the very same section and offer information regarding the nature of the attack, what IP it came from and what ModSecurity rule was triggered to stop it. For maximum security, we use not simply commercial rules from a company working in the field of web security, but also custom ones that our administrators include manually so as to respond to new risks which are still not tackled in the commercial rules.

ModSecurity in Dedicated Servers

ModSecurity comes with all dedicated servers that are integrated with our Hepsia CP and you won't have to do anything specific on your end to employ it as it is switched on by default whenever you include a new domain or subdomain on your server. If it disrupts some of your programs, you'll be able to stop it via the respective part of Hepsia, or you can leave it in passive mode, so it will recognize attacks and shall still keep a log for them, but won't prevent them. You'll be able to look at the logs later to find out what you can do to boost the safety of your Internet sites since you'll find info such as where an intrusion attempt came from, what site was attacked and in accordance with what rule ModSecurity reacted, etc. The rules which we use are commercial, thus they're constantly updated by a security company, but to be on the safe side, our staff also include custom rules from time to time as to react to any new threats they have found.