ModSecurity is a plugin for Apache web servers that functions as a web application layer firewall. It is used to stop attacks towards script-driven websites by employing security rules that contain certain expressions. This way, the firewall can stop hacking and spamming attempts and preserve even websites which are not updated on a regular basis. For instance, numerous failed login attempts to a script administrator area or attempts to execute a certain file with the intention to get access to the script shall trigger certain rules, so ModSecurity shall block out these activities the moment it discovers them. The firewall is extremely efficient since it tracks the entire HTTP traffic to a site in real time without slowing it down, so it can stop an attack before any harm is done. It also keeps an exceptionally comprehensive log of all attack attempts which features more information than traditional Apache logs, so you can later analyze the data and take extra measures to boost the security of your sites if needed.

ModSecurity in Hosting

We provide ModSecurity with all hosting packages, so your web apps will be shielded from destructive attacks. The firewall is activated by default for all domains and subdomains, but if you'd like, you will be able to stop it via the respective part of your Hepsia Control Panel. You can also activate a detection mode, so ModSecurity shall keep a log as intended, but won't take any action. The logs that you shall find in Hepsia are incredibly detailed and include info about the nature of any attack, when it took place and from what IP, the firewall rule that was triggered, etc. We use a set of commercial rules that are frequently updated, but sometimes our administrators include custom rules as well so as to better protect the sites hosted on our servers.

ModSecurity in Semi-dedicated Servers

We have integrated ModSecurity as a standard in all semi-dedicated server plans, so your web applications shall be protected whenever you install them under any domain or subdomain. The Hepsia Control Panel that comes with the semi-dedicated accounts shall permit you to switch on or turn off the firewall for any website with a click. You'll also be able to switch on a passive detection mode in which ModSecurity shall keep a log of potential attacks without really preventing them. The detailed logs include the nature of the attack and what ModSecurity response that attack caused, where it came from, etcetera. The list of rules we use is frequently updated as to match any new risks that could appear on the Internet and it features both commercial rules that we get from a security corporation and custom-written ones that our administrators include in case they find a threat that's not present within the commercial list yet.

ModSecurity in VPS Servers

ModSecurity is provided with all Hepsia-based VPS servers which we offer and it shall be turned on automatically for any new domain or subdomain you add on the server. This way, any web app which you install will be protected immediately without doing anything by hand on your end. The firewall can be managed from the section of the CP that has the same name. This is the area in whichyou could disable ModSecurity or enable its passive mode, so it shall not take any action towards threats, but will still maintain a comprehensive log. The recorded information is available within the same section as well and you'll be able to see what IPs any attacks originated from so that you block them, what the nature of the attempted attacks was and based on what security rules ModSecurity responded. The rules which we employ on our servers are a combination between commercial ones that we get from a security firm and custom ones that are added by our admins to improve the security of any web applications hosted on our end.

ModSecurity in Dedicated Servers

ModSecurity is provided as standard with all dedicated servers which are set up with the Hepsia CP and is set to “Active” automatically for any domain you host or subdomain you create on the hosting server. In the event that a web application does not function correctly, you could either switch off the firewall or set it to operate in passive mode. The second means that ModSecurity will maintain a log of any possible attack which might happen, but will not take any action to prevent it. The logs created in passive or active mode will provide you with more details about the exact file that was attacked, the form of the attack and the IP it originated from, and so on. This info will enable you to determine what actions you can take to enhance the safety of your Internet sites, such as blocking IPs or performing script and plugin updates. The ModSecurity rules that we use are updated frequently with a commercial pack from a third-party security firm we work with, but from time to time our admins include their own rules also in case they come across a new potential threat.