ModSecurity is a plugin for Apache web servers that functions as a web application layer firewall. It's used to prevent attacks toward script-driven Internet sites through the use of security rules that contain certain expressions. In this way, the firewall can block hacking and spamming attempts and preserve even sites which are not updated on a regular basis. For instance, numerous failed login attempts to a script administrator area or attempts to execute a particular file with the intention to get access to the script shall trigger certain rules, so ModSecurity will stop these activities the minute it identifies them. The firewall is quite efficient since it monitors the whole HTTP traffic to a site in real time without slowing it down, so it will be able to stop an attack before any damage is done. It also maintains a very thorough log of all attack attempts which includes more info than typical Apache logs, so you could later examine the data and take further measures to increase the security of your websites if necessary.

ModSecurity in Cloud Web Hosting

We provide ModSecurity with all cloud web hosting plans, so your web applications shall be shielded from destructive attacks. The firewall is switched on by default for all domains and subdomains, but if you'd like, you'll be able to stop it through the respective section of your Hepsia CP. You can also activate a detection mode, so ModSecurity will keep a log as intended, but shall not take any action. The logs that you will discover in Hepsia are extremely detailed and offer data about the nature of any attack, when it took place and from what IP address, the firewall rule that was triggered, etcetera. We employ a set of commercial rules which are often updated, but sometimes our administrators include custom rules as well in order to efficiently protect the websites hosted on our machines.

ModSecurity in Semi-dedicated Servers

Any web program which you set up inside your new semi-dedicated server account will be protected by ModSecurity because the firewall comes with all our hosting solutions and is turned on by default for any domain and subdomain which you include or create through your Hepsia hosting Control Panel. You will be able to manage ModSecurity via a dedicated area inside Hepsia where not simply could you activate or deactivate it completely, but you can also switch on a passive mode, so the firewall shall not stop anything, but it will still keep a record of potential attacks. This takes simply a mouse click and you'll be able to look at the logs regardless if ModSecurity is in passive or active mode through the same section - what the attack was and where it originated from, how it was handled, etcetera. The firewall employs two groups of rules on our web servers - a commercial one that we get from a third-party web security provider and a custom one which our admins update manually as to respond to recently discovered threats as fast as possible.

ModSecurity in VPS Servers

All VPS servers which are provided with the Hepsia Control Panel come with ModSecurity. The firewall is installed and activated by default for all domains that are hosted on the web server, so there shall not be anything special that you shall have to do to protect your sites. It'll take you only a mouse click to stop ModSecurity if necessary or to activate its passive mode so that it records what happens without taking any steps to prevent intrusions. You will be able to see the logs produced in active or passive mode via the corresponding section of Hepsia and find out more about the form of the attack, where it came from, what rule the firewall employed to take care of it, and so on. We employ a combination of commercial and custom rules in order to make certain that ModSecurity will prevent as many threats as possible, consequently boosting the protection of your web apps as much as possible.

ModSecurity in Dedicated Servers

When you choose to host your Internet sites on a dedicated server with the Hepsia Control Panel, your web apps shall be secured right from the start as ModSecurity is supplied with all Hepsia-based packages. You will be able to regulate the firewall easily and if required, you shall be able to turn it off or switch on its passive mode when it'll only maintain a log of what's occurring without taking any action to prevent possible attacks. The logs that you will find inside the very same section of the Control Panel are extremely detailed and contain details about the attacker IP, what site and file were attacked and in what ways, what rule the firewall used to stop the intrusion, etc. This info will enable you to take measures and improve the security of your websites even more. To be on the safe side, we use not only commercial rules, but also custom-made ones that our administrators include every time they identify attacks which have not yet been included inside the commercial pack.