ModSecurity is a plugin for Apache web servers which functions as a web app layer firewall. It's employed to stop attacks against script-driven sites through the use of security rules which contain specific expressions. This way, the firewall can block hacking and spamming attempts and preserve even websites which are not updated on a regular basis. For instance, multiple failed login attempts to a script administrative area or attempts to execute a certain file with the intention to get access to the script will trigger specific rules, so ModSecurity shall block these activities the instant it identifies them. The firewall is incredibly efficient since it tracks the whole HTTP traffic to an Internet site in real time without slowing it down, so it can easily stop an attack before any damage is done. It furthermore keeps an exceptionally detailed log of all attack attempts that includes more info than standard Apache logs, so you can later check out the data and take further measures to improve the security of your sites if required.

ModSecurity in Shared Hosting

We offer ModSecurity with all shared hosting solutions, so your Internet applications shall be shielded from destructive attacks. The firewall is turned on as standard for all domains and subdomains, but in case you would like, you shall be able to stop it through the respective section of your Hepsia CP. You could also activate a detection mode, so ModSecurity will keep a log as intended, but shall not take any action. The logs that you'll find in Hepsia are incredibly detailed and include information about the nature of any attack, when it took place and from what IP, the firewall rule that was triggered, and so on. We employ a set of commercial rules that are regularly updated, but sometimes our administrators add custom rules as well so as to better protect the sites hosted on our servers.

ModSecurity in Semi-dedicated Servers

ModSecurity is a part of our semi-dedicated server plans and if you choose to host your Internet sites with our company, there won't be anything special you'll have to do as the firewall is turned on by default for all domains and subdomains which you include using your hosting Control Panel. If needed, you'll be able to disable ModSecurity for a given website or enable the so-called detection mode in which case the firewall shall still work and record information, but won't do anything to stop possible attacks against your websites. Thorough logs will be readily available within your CP and you'll be able to see what sort of attacks happened, what security rules were triggered and how the firewall dealt with the threats, what IP addresses the attacks came from, etcetera. We employ 2 kinds of rules on our servers - commercial ones from a business which operates in the field of web security, and customized ones which our administrators sometimes add to respond to newly found threats in a timely manner.

ModSecurity in VPS Servers

All VPS servers which are provided with the Hepsia CP feature ModSecurity. The firewall is set up and turned on by default for all domains that are hosted on the server, so there shall not be anything special that you'll need to do to protect your websites. It shall take you a click to stop ModSecurity if needed or to turn on its passive mode so that it records what occurs without taking any steps to stop intrusions. You'll be able to see the logs produced in passive or active mode from the corresponding section of Hepsia and find out more about the form of the attack, where it originated from, what rule the firewall used to deal with it, etc. We employ a combination of commercial and custom rules so as to ensure that ModSecurity shall block as many threats as possible, therefore increasing the security of your web applications as much as possible.

ModSecurity in Dedicated Servers

ModSecurity is available by default with all dedicated servers which are set up with the Hepsia Control Panel and is set to “Active” automatically for any domain which you host or subdomain which you create on the web server. In case that a web application doesn't operate correctly, you could either switch off the firewall or set it to work in passive mode. The second means that ModSecurity will keep a log of any potential attack which might occur, but shall not take any action to stop it. The logs generated in active or passive mode shall present you with additional details about the exact file that was attacked, the form of the attack and the IP it came from, etcetera. This information will enable you to decide what actions you can take to enhance the safety of your websites, for instance blocking IPs or performing script and plugin updates. The ModSecurity rules that we use are updated often with a commercial pack from a third-party security firm we work with, but occasionally our admins add their own rules as well when they identify a new potential threat.