ModSecurity is a plugin for Apache web servers that acts as a web application layer firewall. It is used to stop attacks toward script-driven Internet sites by using security rules which contain particular expressions. This way, the firewall can block hacking and spamming attempts and preserve even websites which aren't updated frequently. For instance, several unsuccessful login attempts to a script administrator area or attempts to execute a particular file with the purpose to get access to the script shall trigger specific rules, so ModSecurity shall block these activities the instant it detects them. The firewall is extremely efficient because it monitors the whole HTTP traffic to a site in real time without slowing it down, so it can easily stop an attack before any damage is done. It also maintains a very comprehensive log of all attack attempts that includes more information than traditional Apache logs, so you can later analyze the data and take further measures to improve the security of your websites if required.

ModSecurity in Cloud Hosting

ModSecurity is supplied with all cloud hosting web servers, so when you decide to host your websites with our business, they shall be shielded from a wide range of attacks. The firewall is turned on as standard for all domains and subdomains, so there will be nothing you shall need to do on your end. You'll be able to stop ModSecurity for any Internet site if required, or to enable a detection mode, so all activity will be recorded, but the firewall shall not take any real action. You'll be able to view comprehensive logs via your Hepsia Control Panel including the IP where the attack originated from, what the attacker wished to do and how ModSecurity addressed the threat. Since we take the security of our clients' Internet sites seriously, we employ a selection of commercial rules that we get from one of the top firms that maintain this kind of rules. Our administrators also add custom rules to ensure that your Internet sites shall be resistant to as many threats as possible.

ModSecurity in Semi-dedicated Servers

We've included ModSecurity as a standard in all semi-dedicated server plans, so your web apps will be protected whenever you install them under any domain or subdomain. The Hepsia Control Panel which is included with the semi-dedicated accounts shall permit you to activate or disable the firewall for any site with a mouse click. You will also have the ability to switch on a passive detection mode through which ModSecurity shall keep a log of possible attacks without really preventing them. The comprehensive logs include the nature of the attack and what ModSecurity response this attack generated, where it came from, and so forth. The list of rules we employ is frequently updated in order to match any new risks that could appear on the Internet and it consists of both commercial rules that we get from a security company and custom-written ones which our administrators include if they discover a threat that's not present inside the commercial list yet.

ModSecurity in VPS Servers

ModSecurity is pre-installed on all VPS servers that are offered with the Hepsia hosting Control Panel, so your web apps will be secured from the moment your server is ready. The firewall is activated by default for any domain or subdomain on the VPS, but if necessary, you can deactivate it with a click of your mouse from the corresponding section of Hepsia. You may also set it to function in detection mode, so it'll maintain a detailed log of any possible attacks without taking any action to stop them. The logs are available inside the same section and include info about the nature of the attack, what IP it originated from and what ModSecurity rule was initiated to stop it. For maximum security, we employ not simply commercial rules from a company working in the field of web security, but also custom ones that our admins add personally in order to respond to new risks which are still not tackled in the commercial rules.

ModSecurity in Dedicated Servers

ModSecurity is provided as standard with all dedicated servers which are set up with the Hepsia Control Panel and is set to “Active” automatically for any domain that you host or subdomain you create on the hosting server. In the event that a web application does not operate properly, you can either switch off the firewall or set it to work in passive mode. The latter means that ModSecurity will keep a log of any potential attack which might occur, but shall not take any action to stop it. The logs generated in passive or active mode will provide you with more details about the exact file which was attacked, the nature of the attack and the IP address it originated from, and so on. This data will allow you to choose what actions you can take to increase the safety of your sites, including blocking IPs or performing script and plugin updates. The ModSecurity rules which we employ are updated regularly with a commercial bundle from a third-party security provider we work with, but occasionally our staff add their own rules too in the event that they discover a new potential threat.