ModSecurity is a plugin for Apache web servers that acts as a web application layer firewall. It's employed to prevent attacks against script-driven Internet sites through the use of security rules which contain certain expressions. This way, the firewall can stop hacking and spamming attempts and shield even Internet sites that are not updated on a regular basis. For instance, a number of unsuccessful login attempts to a script administrator area or attempts to execute a specific file with the intention to get access to the script shall trigger specific rules, so ModSecurity will block these activities the second it detects them. The firewall is quite efficient as it screens the entire HTTP traffic to a site in real time without slowing it down, so it can easily stop an attack before any harm is done. It also maintains a very comprehensive log of all attack attempts that includes more information than conventional Apache logs, so you can later analyze the data and take extra measures to improve the security of your sites if necessary.

ModSecurity in Cloud Hosting

We offer ModSecurity with all cloud hosting plans, so your web apps will be shielded from harmful attacks. The firewall is switched on by default for all domains and subdomains, but in case you would like, you shall be able to stop it using the respective part of your Hepsia CP. You'll be able to also switch on a detection mode, so ModSecurity will keep a log as intended, but will not take any action. The logs that you will discover within Hepsia are very detailed and feature information about the nature of any attack, when it happened and from what IP, the firewall rule which was triggered, etcetera. We employ a set of commercial rules which are constantly updated, but sometimes our admins add custom rules as well so as to efficiently protect the sites hosted on our servers.

ModSecurity in Semi-dedicated Hosting

ModSecurity is a part of our semi-dedicated hosting packages and if you decide to host your sites with our company, there shall not be anything special you'll have to do given that the firewall is turned on by default for all domains and subdomains that you add via your hosting Control Panel. If required, you can disable ModSecurity for a certain Internet site or enable the so-called detection mode in which case the firewall will still work and record info, but will not do anything to prevent possible attacks on your Internet sites. Comprehensive logs will be accessible within your Control Panel and you'll be able to see what sort of attacks occurred, what security rules were triggered and how the firewall dealt with the threats, what Internet protocol addresses the attacks came from, etcetera. We use 2 sorts of rules on our servers - commercial ones from a company which operates in the field of web security, and custom ones that our admins sometimes include to respond to newly discovered risks on time.

ModSecurity in VPS Hosting

ModSecurity is pre-installed on all virtual private servers which are offered with the Hepsia hosting CP, so your web apps shall be protected from the instant your server is ready. The firewall is switched on by default for any domain or subdomain on the Virtual Private Server, but if necessary, you can disable it with a mouse click through the corresponding section of Hepsia. You may also set it to work in detection mode, so it shall maintain an extensive log of any potential attacks without taking any action to prevent them. The logs can be found inside the very same section and offer info about the nature of the attack, what IP address it came from and what ModSecurity rule was activated to stop it. For optimum security, we use not just commercial rules from a company working in the field of web security, but also custom ones that our admins add manually in order to react to new threats that are still not addressed in the commercial rules.

ModSecurity in Dedicated Web Hosting

ModSecurity is offered by default with all dedicated servers which are set up with the Hepsia CP and is set to “Active” automatically for any domain that you host or subdomain you create on the web server. In the event that a web app does not function adequately, you could either disable the firewall or set it to function in passive mode. The second means that ModSecurity shall maintain a log of any potential attack which might occur, but shall not take any action to stop it. The logs generated in passive or active mode will give you more details about the exact file which was attacked, the form of the attack and the IP address it came from, etc. This data will permit you to decide what steps you can take to improve the protection of your sites, for instance blocking IPs or performing script and plugin updates. The ModSecurity rules which we use are updated often with a commercial package from a third-party security provider we work with, but oftentimes our staff add their own rules also in case they discover a new potential threat.