ModSecurity is a plugin for Apache web servers which functions as a web application layer firewall. It's used to prevent attacks against script-driven sites by using security rules that contain certain expressions. This way, the firewall can stop hacking and spamming attempts and shield even websites which aren't updated often. For instance, a number of unsuccessful login attempts to a script admin area or attempts to execute a certain file with the objective to get access to the script shall trigger specific rules, so ModSecurity will block these activities the instant it detects them. The firewall is incredibly efficient because it screens the whole HTTP traffic to a website in real time without slowing it down, so it will be able to stop an attack before any damage is done. It additionally keeps a very comprehensive log of all attack attempts which includes more information than traditional Apache logs, so you can later analyze the data and take further measures to increase the security of your Internet sites if needed.

ModSecurity in Shared Hosting

We offer ModSecurity with all shared hosting packages, so your web applications will be protected against malicious attacks. The firewall is turned on as standard for all domains and subdomains, but if you'd like, you shall be able to stop it through the respective area of your Hepsia Control Panel. You can also switch on a detection mode, so ModSecurity shall keep a log as intended, but won't take any action. The logs that you'll find in Hepsia are incredibly detailed and offer info about the nature of any attack, when it transpired and from what IP, the firewall rule that was triggered, etc. We employ a group of commercial rules which are frequently updated, but sometimes our admins add custom rules as well in order to efficiently protect the websites hosted on our servers.

ModSecurity in Semi-dedicated Servers

ModSecurity is part of our semi-dedicated server plans and if you choose to host your Internet sites with us, there shall not be anything special you'll have to do since the firewall is turned on by default for all domains and subdomains which you include through your hosting Control Panel. If needed, you could disable ModSecurity for a certain Internet site or turn on the so-called detection mode in which case the firewall shall still function and record information, but will not do anything to stop possible attacks on your websites. Comprehensive logs shall be accessible inside your CP and you will be able to see which kind of attacks occurred, what security rules were triggered and how the firewall addressed the threats, what IP addresses the attacks originated from, etc. We employ two kinds of rules on our servers - commercial ones from a business which operates in the field of web security, and custom ones which our administrators occasionally add to respond to newly identified threats on time.

ModSecurity in VPS Servers

Safety is vital to us, so we set up ModSecurity on all VPS servers that are set up with the Hepsia Control Panel by default. The firewall could be managed through a dedicated section within Hepsia and is activated automatically when you add a new domain or create a subdomain, so you'll not have to do anything by hand. You shall also be able to disable it or turn on the so-called detection mode, so it shall keep a log of potential attacks which you can later study, but won't stop them. The logs in both passive and active modes offer details regarding the form of the attack and how it was eliminated, what IP address it came from and other important information that may help you to tighten the security of your sites by updating them or blocking IPs, as an example. In addition to the commercial rules we get for ModSecurity from a third-party security firm, we also implement our own rules since once in a while we detect specific attacks which aren't yet present within the commercial pack. That way, we can increase the protection of your Virtual private server in a timely manner rather than waiting for a certified update.

ModSecurity in Dedicated Servers

ModSecurity is included with all dedicated servers that are set up with our Hepsia CP and you won't have to do anything specific on your end to use it as it is enabled by default every time you include a new domain or subdomain on your server. If it interferes with some of your apps, you shall be able to stop it through the respective part of Hepsia, or you can leave it in passive mode, so it shall identify attacks and will still keep a log for them, but won't prevent them. You'll be able to analyze the logs later to determine what you can do to increase the security of your Internet sites since you shall find info such as where an intrusion attempt originated from, what Internet site was attacked and based upon what rule ModSecurity responded, etcetera. The rules we employ are commercial, therefore they're constantly updated by a security firm, but to be on the safe side, our admins also include custom rules every now and then in order to respond to any new threats they have found.