ModSecurity is a plugin for Apache web servers which acts as a web app layer firewall. It is employed to prevent attacks against script-driven sites by employing security rules which contain particular expressions. This way, the firewall can block hacking and spamming attempts and protect even websites which are not updated often. For example, several failed login attempts to a script administrator area or attempts to execute a certain file with the intention to get access to the script will trigger certain rules, so ModSecurity shall block these activities the instant it identifies them. The firewall is incredibly efficient since it screens the whole HTTP traffic to an Internet site in real time without slowing it down, so it can stop an attack before any harm is done. It additionally maintains an exceptionally thorough log of all attack attempts that contains more information than standard Apache logs, so you could later examine the data and take further measures to boost the security of your sites if needed.

ModSecurity in Cloud Web Hosting

ModSecurity is offered with each cloud web hosting solution which we provide and it's turned on by default for any domain or subdomain which you include via your Hepsia Control Panel. If it interferes with any of your programs or you would like to disable it for some reason, you'll be able to do that through the ModSecurity area of Hepsia with only a mouse click. You could also enable a passive mode, so the firewall will recognize potential attacks and maintain a log, but will not take any action. You could view extensive logs in the exact same section, including the IP address where the attack came from, what exactly the attacker tried to do and at what time, what ModSecurity did, etc. For maximum security of our customers we use a set of commercial firewall rules combined with custom ones which are provided by our system administrators.

ModSecurity in Semi-dedicated Servers

Any web program which you install within your new semi-dedicated server account will be protected by ModSecurity because the firewall comes with all our hosting plans and is turned on by default for any domain and subdomain you include or create using your Hepsia hosting Control Panel. You shall be able to manage ModSecurity through a dedicated area in Hepsia where not only could you activate or deactivate it fully, but you may also enable a passive mode, so the firewall won't block anything, but it shall still maintain a record of potential attacks. This normally requires only a click and you'll be able to view the logs regardless of if ModSecurity is in passive or active mode through the same section - what the attack was and where it originated from, how it was handled, etc. The firewall employs two sets of rules on our web servers - a commercial one that we get from a third-party web security firm and a custom one which our admins update personally in order to respond to recently discovered threats at the earliest opportunity.

ModSecurity in VPS Servers

Safety is vital to us, so we set up ModSecurity on all VPS servers which are made available with the Hepsia CP as a standard. The firewall can be managed via a dedicated section within Hepsia and is activated automatically when you include a new domain or create a subdomain, so you'll not need to do anything personally. You shall also be able to disable it or activate the so-called detection mode, so it shall maintain a log of potential attacks that you can later analyze, but will not stop them. The logs in both passive and active modes include details regarding the kind of the attack and how it was stopped, what IP address it came from and other useful info which may help you to tighten the security of your Internet sites by updating them or blocking IPs, as an example. On top of the commercial rules that we get for ModSecurity from a third-party security enterprise, we also use our own rules because every now and then we discover specific attacks that are not yet present in the commercial group. That way, we can increase the protection of your VPS promptly rather than waiting for an official update.

ModSecurity in Dedicated Servers

When you choose to host your Internet sites on a dedicated server with the Hepsia CP, your web applications will be protected right from the start because ModSecurity is available with all Hepsia-based packages. You shall be able to regulate the firewall with ease and if necessary, you shall be able to turn it off or switch on its passive mode when it will only maintain a log of what's happening without taking any action to stop potential attacks. The logs that you'll find inside the very same section of the Control Panel are extremely detailed and include details about the attacker IP address, what website and file were attacked and in what way, what rule the firewall employed to prevent the intrusion, etcetera. This data shall allow you to take measures and enhance the security of your websites even more. To be on the safe side, we employ not just commercial rules, but also custom-made ones that our administrators add when they identify attacks that haven't yet been included in the commercial pack.