ModSecurity is a plugin for Apache web servers which acts as a web application layer firewall. It is used to stop attacks towards script-driven websites by using security rules which contain particular expressions. In this way, the firewall can prevent hacking and spamming attempts and preserve even websites that aren't updated frequently. As an example, numerous unsuccessful login attempts to a script administrator area or attempts to execute a specific file with the objective to get access to the script will trigger particular rules, so ModSecurity will block out these activities the moment it identifies them. The firewall is extremely efficient because it screens the entire HTTP traffic to an Internet site in real time without slowing it down, so it could stop an attack before any damage is done. It also maintains an exceptionally thorough log of all attack attempts which includes more information than standard Apache logs, so you can later analyze the data and take further measures to boost the security of your websites if needed.

ModSecurity in Web Hosting

ModSecurity can be found with each web hosting plan which we provide and it's switched on by default for every domain or subdomain which you add through your Hepsia CP. If it interferes with any of your apps or you would like to disable it for some reason, you'll be able to do this through the ModSecurity area of Hepsia with merely a click. You could also activate a passive mode, so the firewall will identify potential attacks and keep a log, but will not take any action. You'll be able to view detailed logs in the exact same section, including the IP address where the attack came from, what exactly the attacker aimed to do and at what time, what ModSecurity did, etc. For maximum security of our clients we use a group of commercial firewall rules blended with custom ones which are included by our system admins.

ModSecurity in Semi-dedicated Servers

We've integrated ModSecurity by default within all semi-dedicated server plans, so your web apps will be protected the instant you install them under any domain or subdomain. The Hepsia Control Panel which comes with the semi-dedicated accounts will allow you to switch on or turn off the firewall for any website with a mouse click. You shall also be able to turn on a passive detection mode in which ModSecurity shall keep a log of potential attacks without actually preventing them. The comprehensive logs contain the nature of the attack and what ModSecurity response this attack activated, where it came from, etc. The list of rules that we use is regularly updated in order to match any new risks that could appear on the Internet and it features both commercial rules that we get from a security corporation and custom-written ones which our admins include if they find a threat that is not present within the commercial list yet.

ModSecurity in VPS Servers

ModSecurity is included with all Hepsia-based VPS servers we offer and it'll be turned on automatically for every new domain or subdomain which you add on the hosting server. In this way, any web application which you install shall be protected from the very beginning without doing anything personally on your end. The firewall can be managed via the section of the CP that has the same name. This is the area whereyou could turn off ModSecurity or activate its passive mode, so it shall not take any action toward threats, but shall still maintain a detailed log. The recorded info is available inside the same area as well and you'll be able to see what IPs any attacks originated from so that you stop them, what the nature of the attempted attacks was and in accordance with what security rules ModSecurity reacted. The rules that we employ on our servers are a mix between commercial ones we get from a security organization and custom ones which are added by our administrators to maximize the security of any web applications hosted on our end.

ModSecurity in Dedicated Servers

ModSecurity comes with all dedicated servers which are integrated with our Hepsia CP and you won't need to do anything specific on your end to employ it since it is switched on by default every time you include a new domain or subdomain on your hosting server. If it interferes with any of your apps, you'll be able to stop it through the respective section of Hepsia, or you may leave it operating in passive mode, so it will identify attacks and will still keep a log for them, but shall not block them. You could analyze the logs later to learn what you can do to improve the safety of your websites since you'll find information such as where an intrusion attempt originated from, what site was attacked and in accordance with what rule ModSecurity responded, and so on. The rules that we employ are commercial, thus they're constantly updated by a security firm, but to be on the safe side, our staff also add custom rules once in a while as to deal with any new threats they have identified.