ModSecurity is a plugin for Apache web servers that functions as a web application layer firewall. It's used to prevent attacks toward script-driven websites by using security rules which contain particular expressions. That way, the firewall can block hacking and spamming attempts and preserve even websites that are not updated on a regular basis. For instance, several failed login attempts to a script administrator area or attempts to execute a certain file with the purpose to get access to the script shall trigger certain rules, so ModSecurity will stop these activities the second it discovers them. The firewall is incredibly efficient because it tracks the whole HTTP traffic to a site in real time without slowing it down, so it could prevent an attack before any damage is done. It also maintains an exceptionally comprehensive log of all attack attempts which contains more information than conventional Apache logs, so you can later examine the data and take extra measures to improve the security of your sites if needed.

ModSecurity in Hosting

ModSecurity comes by default with all hosting plans which we provide and it will be switched on automatically for any domain or subdomain you add/create within your Hepsia hosting CP. The firewall has three different modes, so you can activate and disable it with a click or set it to detection mode, so it'll maintain a log of all attacks, but it will not do anything to prevent them. The log for each of your Internet sites shall feature detailed information including the nature of the attack, where it came from, what action was taken by ModSecurity, etcetera. The firewall rules we use are regularly updated and consist of both commercial ones that we get from a third-party security business and custom ones our system administrators add in the event that they detect a new kind of attacks. This way, the sites which you host here shall be way more secure with no action expected on your end.

ModSecurity in Semi-dedicated Servers

Any web program which you install inside your new semi-dedicated server account shall be protected by ModSecurity as the firewall is provided with all our hosting plans and is turned on by default for any domain and subdomain that you add or create using your Hepsia hosting Control Panel. You will be able to manage ModSecurity through a dedicated area within Hepsia where not simply can you activate or deactivate it completely, but you may also enable a passive mode, so the firewall won't block anything, but it'll still keep an archive of potential attacks. This takes just a mouse click and you shall be able to look at the logs regardless of if ModSecurity is in passive or active mode through the same section - what the attack was and where it came from, how it was taken care of, and so forth. The firewall uses 2 sets of rules on our servers - a commercial one that we get from a third-party web security provider and a custom one that our administrators update manually as to respond to recently discovered risks immediately.

ModSecurity in VPS Servers

All VPS servers that are offered with the Hepsia CP feature ModSecurity. The firewall is set up and turned on by default for all domains which are hosted on the web server, so there won't be anything special which you shall have to do to protect your websites. It shall take you simply a mouse click to stop ModSecurity if needed or to switch on its passive mode so that it records what happens without taking any steps to prevent intrusions. You shall be able to see the logs produced in passive or active mode through the corresponding section of Hepsia and learn more about the form of the attack, where it came from, what rule the firewall employed to take care of it, and so forth. We use a mix of commercial and custom rules in order to make sure that ModSecurity will block out as many threats as possible, therefore enhancing the security of your web programs as much as possible.

ModSecurity in Dedicated Servers

If you choose to host your Internet sites on a dedicated server with the Hepsia CP, your web applications shall be secured right away as ModSecurity is available with all Hepsia-based solutions. You'll be able to regulate the firewall effortlessly and if needed, you'll be able to turn it off or activate its passive mode when it shall only maintain a log of what is taking place without taking any action to stop potential attacks. The logs which you can find in the very same section of the Control Panel are incredibly detailed and feature details about the attacker IP address, what site and file were attacked and in what way, what rule the firewall used to prevent the intrusion, and so forth. This data shall enable you to take measures and enhance the protection of your sites even more. To be on the safe side, we employ not just commercial rules, but also custom-made ones that our administrators add whenever they detect attacks that haven't yet been included in the commercial pack.