ModSecurity is a plugin for Apache web servers which acts as a web app layer firewall. It's used to prevent attacks against script-driven Internet sites by using security rules which contain particular expressions. This way, the firewall can stop hacking and spamming attempts and protect even websites that aren't updated regularly. As an example, numerous failed login attempts to a script admin area or attempts to execute a particular file with the intention to get access to the script shall trigger certain rules, so ModSecurity shall block these activities the instant it identifies them. The firewall is incredibly efficient since it monitors the entire HTTP traffic to a site in real time without slowing it down, so it will be able to prevent an attack before any harm is done. It also keeps an exceptionally comprehensive log of all attack attempts that contains more information than traditional Apache logs, so you can later analyze the data and take additional measures to enhance the security of your websites if required.

ModSecurity in Hosting

We offer ModSecurity with all hosting solutions, so your web apps shall be shielded from harmful attacks. The firewall is switched on as standard for all domains and subdomains, but in case you'd like, you'll be able to stop it via the respective section of your Hepsia Control Panel. You'll be able to also activate a detection mode, so ModSecurity shall keep a log as intended, but shall not take any action. The logs that you'll discover in Hepsia are extremely detailed and offer information about the nature of any attack, when it transpired and from what IP address, the firewall rule which was triggered, etcetera. We employ a range of commercial rules which are regularly updated, but sometimes our admins include custom rules as well in order to better protect the Internet sites hosted on our servers.

ModSecurity in Semi-dedicated Servers

Any web application which you set up inside your new semi-dedicated server account will be protected by ModSecurity as the firewall comes with all our hosting packages and is turned on by default for any domain and subdomain that you add or create using your Hepsia hosting CP. You'll be able to manage ModSecurity via a dedicated area in Hepsia where not simply could you activate or deactivate it fully, but you could also activate a passive mode, so the firewall shall not stop anything, but it'll still keep an archive of possible attacks. This takes just a mouse click and you shall be able to look at the logs no matter if ModSecurity is in active or passive mode through the same section - what the attack was and where it originated from, how it was handled, and so on. The firewall uses 2 sets of rules on our web servers - a commercial one that we get from a third-party web security provider and a custom one which our administrators update personally in order to respond to newly discovered threats at the earliest opportunity.

ModSecurity in VPS Servers

ModSecurity is pre-installed on all VPS servers which are provided with the Hepsia hosting Control Panel, so your web applications shall be protected from the moment your server is ready. The firewall is switched on by default for any domain or subdomain on the VPS, but if required, you can disable it with a click through the corresponding section of Hepsia. You can also set it to operate in detection mode, so it will keep an extensive log of any potential attacks without taking any action to prevent them. The logs are available within the very same section and include info about the nature of the attack, what IP it originated from and what ModSecurity rule was triggered to stop it. For best security, we employ not only commercial rules from a business operating in the field of web security, but also custom ones that our admins add personally in order to respond to new risks that are still not dealt with in the commercial rules.

ModSecurity in Dedicated Servers

All our dedicated servers that are installed with the Hepsia hosting CP come with ModSecurity, so any app that you upload or install will be secured from the very beginning and you will not have to concern yourself with common attacks or vulnerabilities. An independent section inside Hepsia will enable you to start or stop the firewall for any domain or subdomain, or activate a detection mode so that it records info about intrusions, but doesn't take actions to prevent them. What you'll see in the logs shall help you to secure your sites better - the IP address an attack came from, what website was attacked and in what way, what ModSecurity rule was triggered, etc. With this information, you could see whether an Internet site needs an update, if you ought to block IPs from accessing your server, etcetera. On top of the third-party commercial security rules for ModSecurity that we use, our administrators include custom ones as well if they come across a new threat which is not yet a part of the commercial bundle.