ModSecurity is a plugin for Apache web servers which acts as a web app layer firewall. It's employed to prevent attacks towards script-driven websites by using security rules that contain specific expressions. This way, the firewall can block hacking and spamming attempts and preserve even Internet sites which are not updated regularly. For instance, multiple unsuccessful login attempts to a script admin area or attempts to execute a particular file with the purpose to get access to the script shall trigger particular rules, so ModSecurity will block these activities the instant it discovers them. The firewall is quite efficient since it tracks the entire HTTP traffic to a website in real time without slowing it down, so it will be able to stop an attack before any damage is done. It furthermore keeps a very detailed log of all attack attempts that contains more information than typical Apache logs, so you can later examine the data and take further measures to improve the security of your sites if necessary.

ModSecurity in Website Hosting

We offer ModSecurity with all website hosting packages, so your web applications will be resistant to malicious attacks. The firewall is turned on as standard for all domains and subdomains, but in case you would like, you shall be able to stop it using the respective area of your Hepsia CP. You can also switch on a detection mode, so ModSecurity shall keep a log as intended, but will not take any action. The logs which you shall find inside Hepsia are extremely detailed and offer data about the nature of any attack, when it happened and from what IP address, the firewall rule that was triggered, etc. We use a range of commercial rules which are often updated, but sometimes our admins include custom rules as well in order to better protect the sites hosted on our servers.

ModSecurity in Semi-dedicated Hosting

Any web application you set up within your new semi-dedicated hosting account shall be protected by ModSecurity since the firewall is provided with all our hosting packages and is turned on by default for any domain and subdomain that you add or create using your Hepsia hosting Control Panel. You shall be able to manage ModSecurity via a dedicated section inside Hepsia where not simply could you activate or deactivate it fully, but you can also activate a passive mode, so the firewall won't stop anything, but it shall still maintain a record of possible attacks. This requires simply a click and you shall be able to look at the logs regardless if ModSecurity is in passive or active mode through the same section - what the attack was and where it came from, how it was dealt with, and so forth. The firewall uses 2 sets of rules on our web servers - a commercial one which we get from a third-party web security provider and a custom one that our admins update manually in order to respond to recently discovered threats immediately.

ModSecurity in VPS

All virtual private servers that are offered with the Hepsia Control Panel come with ModSecurity. The firewall is set up and activated by default for all domains that are hosted on the machine, so there won't be anything special that you'll have to do to protect your websites. It shall take you simply a click to stop ModSecurity if required or to switch on its passive mode so that it records what goes on without taking any actions to prevent intrusions. You shall be able to look at the logs created in active or passive mode from the corresponding section of Hepsia and discover more about the type of the attack, where it originated from, what rule the firewall used to deal with it, etc. We use a mixture of commercial and custom rules so as to make certain that ModSecurity shall block as many risks as possible, hence improving the protection of your web applications as much as possible.

ModSecurity in Dedicated Hosting

ModSecurity is included with all dedicated servers which are set up with our Hepsia Control Panel and you will not need to do anything specific on your end to use it since it is turned on by default every time you add a new domain or subdomain on your server. If it interferes with some of your apps, you shall be able to stop it through the respective area of Hepsia, or you can leave it in passive mode, so it shall identify attacks and shall still maintain a log for them, but shall not stop them. You could look at the logs later to determine what you can do to boost the protection of your sites since you shall find details such as where an intrusion attempt originated from, what Internet site was attacked and in accordance with what rule ModSecurity responded, etc. The rules which we use are commercial, thus they are constantly updated by a security provider, but to be on the safe side, our administrators also include custom rules once in a while as to respond to any new threats they have identified.