ModSecurity is a plugin for Apache web servers which functions as a web app layer firewall. It's employed to stop attacks towards script-driven Internet sites through the use of security rules which contain specific expressions. In this way, the firewall can block hacking and spamming attempts and shield even Internet sites which aren't updated frequently. For example, numerous failed login attempts to a script administrative area or attempts to execute a certain file with the purpose to get access to the script will trigger particular rules, so ModSecurity shall block these activities the minute it identifies them. The firewall is incredibly efficient as it tracks the entire HTTP traffic to a site in real time without slowing it down, so it will be able to stop an attack before any damage is done. It also maintains an exceptionally detailed log of all attack attempts which includes more information than traditional Apache logs, so you could later examine the data and take extra measures to increase the security of your sites if needed.

ModSecurity in Shared Hosting

ModSecurity is supplied with all shared hosting web servers, so when you decide to host your sites with our organization, they'll be protected against a wide array of attacks. The firewall is enabled by default for all domains and subdomains, so there'll be nothing you'll need to do on your end. You will be able to stop ModSecurity for any site if necessary, or to switch on a detection mode, so all activity shall be recorded, but the firewall will not take any real action. You will be able to view comprehensive logs from your Hepsia CP including the IP address where the attack originated from, what the attacker planned to do and how ModSecurity handled the threat. Since we take the safety of our clients' sites seriously, we employ a selection of commercial rules which we take from one of the top companies that maintain such rules. Our administrators also include custom rules to make certain that your Internet sites will be shielded from as many risks as possible.

ModSecurity in Semi-dedicated Servers

We've integrated ModSecurity by default inside all semi-dedicated server products, so your web applications will be protected whenever you install them under any domain or subdomain. The Hepsia Control Panel which is included with the semi-dedicated accounts shall permit you to switch on or turn off the firewall for any Internet site with a click. You'll also have the ability to activate a passive detection mode with which ModSecurity shall maintain a log of potential attacks without really stopping them. The comprehensive logs include the nature of the attack and what ModSecurity response this attack generated, where it originated from, etc. The list of rules we employ is frequently updated in order to match any new threats that may appear on the Internet and it features both commercial rules that we get from a security corporation and custom-written ones that our administrators add if they find a threat that's not present in the commercial list yet.

ModSecurity in VPS Servers

ModSecurity is included with all Hepsia-based VPS servers we offer and it'll be activated automatically for any new domain or subdomain which you include on the machine. That way, any web application which you install shall be secured right away without doing anything manually on your end. The firewall could be handled via the section of the Control Panel that has the same name. This is the location whereyou can disable ModSecurity or let its passive mode, so it won't take any action toward threats, but shall still keep a detailed log. The recorded data is available inside the same section as well and you'll be able to see what IPs any attacks came from to enable you to stop them, what the nature of the attempted attacks was and in accordance with what security rules ModSecurity responded. The rules that we employ on our servers are a combination between commercial ones we obtain from a security firm and custom ones that are included by our admins to enhance the protection of any web apps hosted on our end.

ModSecurity in Dedicated Servers

ModSecurity is provided as standard with all dedicated servers which are set up with the Hepsia Control Panel and is set to “Active” automatically for any domain that you host or subdomain which you create on the hosting server. In the event that a web app does not work properly, you could either disable the firewall or set it to work in passive mode. The latter means that ModSecurity will maintain a log of any possible attack which might occur, but won't take any action to prevent it. The logs produced in passive or active mode shall offer you more details about the exact file which was attacked, the nature of the attack and the IP address it came from, etc. This info shall enable you to determine what actions you can take to enhance the safety of your sites, such as blocking IPs or carrying out script and plugin updates. The ModSecurity rules which we use are updated regularly with a commercial pack from a third-party security provider we work with, but sometimes our staff add their own rules too if they find a new potential threat.