ModSecurity is a plugin for Apache web servers that functions as a web app layer firewall. It is employed to stop attacks towards script-driven Internet sites by employing security rules which contain specific expressions. That way, the firewall can prevent hacking and spamming attempts and protect even websites which aren't updated frequently. For instance, multiple failed login attempts to a script administrative area or attempts to execute a specific file with the objective to get access to the script shall trigger certain rules, so ModSecurity shall block out these activities the minute it identifies them. The firewall is quite efficient because it tracks the entire HTTP traffic to an Internet site in real time without slowing it down, so it will be able to prevent an attack before any harm is done. It furthermore maintains an incredibly detailed log of all attack attempts which features more information than traditional Apache logs, so you can later check out the data and take further measures to increase the security of your Internet sites if required.

ModSecurity in Shared Web Hosting

We offer ModSecurity with all shared web hosting solutions, so your web applications will be protected against harmful attacks. The firewall is switched on by default for all domains and subdomains, but if you'd like, you will be able to stop it via the respective area of your Hepsia CP. You could also activate a detection mode, so ModSecurity shall keep a log as intended, but shall not take any action. The logs that you'll find in Hepsia are incredibly detailed and feature data about the nature of any attack, when it happened and from what IP address, the firewall rule which was triggered, and so forth. We use a group of commercial rules which are often updated, but sometimes our admins add custom rules as well so as to efficiently protect the websites hosted on our servers.

ModSecurity in Semi-dedicated Hosting

We've included ModSecurity by default within all semi-dedicated hosting plans, so your web apps shall be protected whenever you set them up under any domain or subdomain. The Hepsia Control Panel that comes with the semi-dedicated accounts shall allow you to switch on or turn off the firewall for any Internet site with a mouse click. You'll also have the ability to activate a passive detection mode with which ModSecurity shall maintain a log of possible attacks without really stopping them. The detailed logs include the nature of the attack and what ModSecurity response that attack initiated, where it came from, and so on. The list of rules which we use is constantly updated in order to match any new risks which could appear on the Internet and it consists of both commercial rules that we get from a security company and custom-written ones that our administrators add in case they find a threat that's not present inside the commercial list yet.

ModSecurity in VPS Hosting

All virtual private servers which are set up with the Hepsia CP come with ModSecurity. The firewall is installed and activated by default for all domains that are hosted on the server, so there won't be anything special which you will have to do to protect your sites. It will take you simply a click to stop ModSecurity if required or to turn on its passive mode so that it records what goes on without taking any measures to prevent intrusions. You'll be able to look at the logs produced in passive or active mode via the corresponding section of Hepsia and learn more about the form of the attack, where it originated from, what rule the firewall used to tackle it, and so forth. We employ a mix of commercial and custom rules in order to ensure that ModSecurity will block as many threats as possible, thus improving the protection of your web applications as much as possible.

ModSecurity in Dedicated Web Hosting

ModSecurity is available by default with all dedicated servers which are set up with the Hepsia CP and is set to “Active” automatically for any domain which you host or subdomain you create on the hosting server. Just in case that a web app doesn't function properly, you can either switch off the firewall or set it to operate in passive mode. The second means that ModSecurity will maintain a log of any possible attack that could occur, but shall not take any action to prevent it. The logs created in active or passive mode will give you more details about the exact file that was attacked, the nature of the attack and the IP it came from, etcetera. This information shall enable you to choose what actions you can take to boost the safety of your Internet sites, such as blocking IPs or performing script and plugin updates. The ModSecurity rules that we employ are updated constantly with a commercial package from a third-party security company we work with, but oftentimes our administrators include their own rules too when they identify a new potential threat.