ModSecurity is a plugin for Apache web servers that functions as a web app layer firewall. It is used to stop attacks towards script-driven websites through the use of security rules that contain certain expressions. That way, the firewall can stop hacking and spamming attempts and protect even websites that are not updated regularly. For instance, several unsuccessful login attempts to a script administrative area or attempts to execute a specific file with the intention to get access to the script will trigger certain rules, so ModSecurity shall block these activities the instant it detects them. The firewall is quite efficient since it tracks the entire HTTP traffic to an Internet site in real time without slowing it down, so it can stop an attack before any damage is done. It furthermore maintains a very detailed log of all attack attempts that includes more info than standard Apache logs, so you could later check out the data and take additional measures to increase the security of your websites if required.

ModSecurity in Hosting

ModSecurity comes standard with all hosting packages that we provide and it shall be turned on automatically for any domain or subdomain that you add/create within your Hepsia hosting CP. The firewall has three different modes, so you'll be able to switch on and disable it with simply a click or set it to detection mode, so it'll maintain a log of all attacks, but it'll not do anything to prevent them. The log for any of your Internet sites will include detailed information which includes the nature of the attack, where it originated from, what action was taken by ModSecurity, and so on. The firewall rules that we use are constantly updated and incorporate both commercial ones which we get from a third-party security company and custom ones that our system administrators add in case that they detect a new type of attacks. That way, the Internet sites which you host here will be a lot more secure with no action expected on your end.

ModSecurity in Semi-dedicated Servers

All semi-dedicated server solutions that we offer feature ModSecurity and since the firewall is switched on by default, any website which you set up under a domain or a subdomain shall be secured straight away. A separate section within the Hepsia Control Panel which comes with the semi-dedicated accounts is devoted to ModSecurity and it shall enable you to stop and start the firewall for any website or enable a detection mode. With the last mentioned, ModSecurity shall not take any action, but it will still detect possible attacks and will keep all info within a log as if it were fully active. The logs can be found inside the very same section of the CP and they feature information regarding the IP where an attack came from, what its nature was, what rule ModSecurity applies to identify and stop it, etc. The security rules which we use on our machines are a mix between commercial ones from a security firm and custom ones created by our system administrators. Consequently, we provide greater security for your web apps as we can defend them from attacks before security companies release updates for new threats.

ModSecurity in VPS Servers

ModSecurity is provided with all Hepsia-based VPS servers which we offer and it'll be switched on automatically for any new domain or subdomain that you add on the server. That way, any web application that you install will be secured right away without doing anything manually on your end. The firewall may be managed via the section of the CP that bears the same name. This is the location in whichyou could disable ModSecurity or let its passive mode, so it won't take any action toward threats, but shall still keep a detailed log. The recorded info is available in the same area as well and you shall be able to see what IPs any attacks originated from to enable you to stop them, what the nature of the attempted attacks was and based upon what security rules ModSecurity reacted. The rules we employ on our servers are a mixture between commercial ones that we obtain from a security company and custom ones which are added by our administrators to improve the protection of any web apps hosted on our end.

ModSecurity in Dedicated Servers

ModSecurity is provided by default with all dedicated servers which are set up with the Hepsia Control Panel and is set to “Active” automatically for any domain which you host or subdomain that you create on the hosting server. In the event that a web application does not operate properly, you can either disable the firewall or set it to operate in passive mode. The latter means that ModSecurity will keep a log of any possible attack which may take place, but won't take any action to prevent it. The logs produced in active or passive mode will give you more details about the exact file that was attacked, the type of the attack and the IP it came from, and so forth. This info shall enable you to determine what steps you can take to increase the protection of your sites, including blocking IPs or carrying out script and plugin updates. The ModSecurity rules we employ are updated constantly with a commercial bundle from a third-party security firm we work with, but occasionally our administrators add their own rules as well if they find a new potential threat.