ModSecurity is a plugin for Apache web servers that functions as a web application layer firewall. It is used to stop attacks toward script-driven sites by employing security rules which contain specific expressions. This way, the firewall can prevent hacking and spamming attempts and shield even websites that aren't updated on a regular basis. For example, a number of failed login attempts to a script admin area or attempts to execute a specific file with the intention to get access to the script shall trigger particular rules, so ModSecurity shall block these activities the instant it discovers them. The firewall is quite efficient because it screens the entire HTTP traffic to a website in real time without slowing it down, so it could stop an attack before any harm is done. It also maintains a very thorough log of all attack attempts which contains more information than standard Apache logs, so you can later analyze the data and take additional measures to improve the security of your Internet sites if necessary.

ModSecurity in Cloud Website Hosting

We offer ModSecurity with all cloud website hosting plans, so your web apps shall be shielded from destructive attacks. The firewall is switched on as standard for all domains and subdomains, but if you would like, you will be able to stop it using the respective part of your Hepsia CP. You can also activate a detection mode, so ModSecurity will keep a log as intended, but shall not take any action. The logs that you will find in Hepsia are incredibly detailed and offer data about the nature of any attack, when it took place and from what IP address, the firewall rule that was triggered, and so on. We employ a group of commercial rules that are often updated, but sometimes our administrators add custom rules as well so as to better protect the Internet sites hosted on our machines.

ModSecurity in Semi-dedicated Servers

ModSecurity is part of our semi-dedicated server solutions and if you opt to host your Internet sites with us, there shall not be anything special you'll need to do given that the firewall is activated by default for all domains and subdomains you add through your hosting CP. If required, you could disable ModSecurity for a particular Internet site or turn on the so-called detection mode in which case the firewall shall still function and record data, but will not do anything to prevent potential attacks against your sites. Detailed logs will be accessible within your Control Panel and you'll be able to see which kind of attacks happened, what security rules were triggered and how the firewall addressed the threats, what Internet protocol addresses the attacks came from, etc. We employ two sorts of rules on our servers - commercial ones from a business that operates in the field of web security, and custom ones that our admins often add to respond to newly discovered threats promptly.

ModSecurity in VPS Servers

ModSecurity is pre-installed on all VPS servers which are provided with the Hepsia hosting CP, so your web programs shall be secured from the moment your server is ready. The firewall is activated by default for any domain or subdomain on the VPS, but if necessary, you can disable it with a mouse click through the corresponding section of Hepsia. You can also set it to operate in detection mode, so it will maintain a detailed log of any potential attacks without taking any action to prevent them. The logs are available within the very same section and include information about the nature of the attack, what IP address it originated from and what ModSecurity rule was initiated to stop it. For maximum security, we employ not just commercial rules from a company working in the field of web security, but also custom ones our admins add manually so as to respond to new risks that are still not addressed in the commercial rules.

ModSecurity in Dedicated Servers

All our dedicated servers which are installed with the Hepsia hosting CP include ModSecurity, so any application you upload or install will be protected from the very beginning and you won't need to concern yourself with common attacks or vulnerabilities. An individual section inside Hepsia will enable you to start or stop the firewall for every domain or subdomain, or turn on a detection mode so that it records details about intrusions, but does not take actions to prevent them. What you'll find in the logs can easily allow you to to secure your websites better - the IP an attack came from, what website was attacked as well as how, what ModSecurity rule was triggered, etcetera. With this data, you could see if a site needs an update, if you ought to block IPs from accessing your hosting server, etc. In addition to the third-party commercial security rules for ModSecurity which we use, our admins include custom ones as well whenever they find a new threat that is not yet included in the commercial bundle.