ModSecurity is a plugin for Apache web servers that acts as a web app layer firewall. It's used to prevent attacks toward script-driven sites by using security rules that contain specific expressions. This way, the firewall can stop hacking and spamming attempts and shield even websites that aren't updated on a regular basis. For example, multiple failed login attempts to a script administrative area or attempts to execute a certain file with the purpose to get access to the script shall trigger specific rules, so ModSecurity will block these activities the second it identifies them. The firewall is very efficient since it monitors the whole HTTP traffic to an Internet site in real time without slowing it down, so it will be able to stop an attack before any damage is done. It furthermore maintains an incredibly thorough log of all attack attempts that features more information than traditional Apache logs, so you can later check out the data and take further measures to boost the security of your Internet sites if necessary.

ModSecurity in Cloud Hosting

ModSecurity comes by default with all cloud hosting packages that we provide and it will be activated automatically for any domain or subdomain that you add/create within your Hepsia hosting Control Panel. The firewall has 3 different modes, so you can activate and disable it with simply a mouse click or set it to detection mode, so it shall keep a log of all attacks, but it'll not do anything to prevent them. The log for each of your Internet sites shall feature in-depth information such as the nature of the attack, where it came from, what action was taken by ModSecurity, and so forth. The firewall rules which we use are frequently updated and include both commercial ones which we get from a third-party security firm and custom ones which our system administrators add in case that they detect a new kind of attacks. In this way, the sites which you host here will be a lot more protected with no action needed on your end.

ModSecurity in Semi-dedicated Servers

We have incorporated ModSecurity by default inside all semi-dedicated server packages, so your web applications will be protected the instant you set them up under any domain or subdomain. The Hepsia CP that comes with the semi-dedicated accounts will permit you to activate or disable the firewall for any Internet site with a click. You shall also be able to turn on a passive detection mode through which ModSecurity will maintain a log of potential attacks without really stopping them. The thorough logs include things like the nature of the attack and what ModSecurity response this attack triggered, where it came from, etc. The list of rules we employ is constantly updated in order to match any new risks that may appear on the Internet and it features both commercial rules that we get from a security business and custom-written ones which our administrators add in the event that they discover a threat that's not present in the commercial list yet.

ModSecurity in VPS Servers

ModSecurity is provided with all Hepsia-based VPS servers which we offer and it'll be turned on automatically for any new domain or subdomain you include on the server. This way, any web application you install shall be secured right from the start without doing anything manually on your end. The firewall may be managed via the section of the Control Panel that has the same name. This is the area in whichyou could turn off ModSecurity or enable its passive mode, so it won't take any action towards threats, but shall still keep a thorough log. The recorded info is available in the same section as well and you'll be able to see what IPs any attacks came from so that you stop them, what the nature of the attempted attacks was and in accordance with what security rules ModSecurity reacted. The rules we use on our servers are a blend between commercial ones that we get from a security firm and custom ones that are added by our administrators to improve the security of any web apps hosted on our end.

ModSecurity in Dedicated Servers

ModSecurity comes with all dedicated servers that are set up with our Hepsia Control Panel and you won't have to do anything specific on your end to employ it because it is switched on by default each time you add a new domain or subdomain on your server. In case it disrupts any of your applications, you will be able to stop it through the respective part of Hepsia, or you could leave it in passive mode, so it'll recognize attacks and will still maintain a log for them, but will not prevent them. You may look at the logs later to learn what you can do to enhance the protection of your websites as you will find information such as where an intrusion attempt came from, what website was attacked and in accordance with what rule ModSecurity reacted, etc. The rules that we employ are commercial, hence they're regularly updated by a security provider, but to be on the safe side, our administrators also add custom rules once in a while in order to deal with any new threats they have found.