ModSecurity is a plugin for Apache web servers that functions as a web application layer firewall. It's used to stop attacks against script-driven sites by using security rules that contain specific expressions. In this way, the firewall can prevent hacking and spamming attempts and protect even Internet sites which are not updated on a regular basis. For instance, several failed login attempts to a script administrative area or attempts to execute a certain file with the purpose to get access to the script shall trigger specific rules, so ModSecurity shall block out these activities the second it identifies them. The firewall is quite efficient since it tracks the entire HTTP traffic to a site in real time without slowing it down, so it can prevent an attack before any harm is done. It also keeps an incredibly comprehensive log of all attack attempts that contains more information than typical Apache logs, so you could later analyze the data and take additional measures to enhance the security of your Internet sites if required.

ModSecurity in Cloud Hosting

ModSecurity comes by default with all cloud hosting solutions that we provide and it will be switched on automatically for any domain or subdomain which you add/create inside your Hepsia hosting Control Panel. The firewall has three different modes, so you can switch on and deactivate it with just a mouse click or set it to detection mode, so it shall maintain a log of all attacks, but it'll not do anything to prevent them. The log for each of your sites will feature detailed info such as the nature of the attack, where it originated from, what action was taken by ModSecurity, and so on. The firewall rules which we use are frequently updated and include both commercial ones we get from a third-party security firm and custom ones that our system admins include in the event that they detect a new kind of attacks. In this way, the sites which you host here will be far more secure with no action required on your end.

ModSecurity in Semi-dedicated Hosting

We have included ModSecurity by default inside all semi-dedicated hosting products, so your web apps will be protected whenever you set them up under any domain or subdomain. The Hepsia Control Panel that comes with the semi-dedicated accounts will allow you to activate or turn off the firewall for any Internet site with a click. You will also be able to switch on a passive detection mode through which ModSecurity shall keep a log of possible attacks without really preventing them. The detailed logs include things like the nature of the attack and what ModSecurity response this attack caused, where it came from, and so forth. The list of rules which we use is constantly updated as to match any new risks which may appear on the Internet and it features both commercial rules that we get from a security business and custom-written ones that our administrators add if they find a threat which is not present in the commercial list yet.

ModSecurity in VPS

All virtual private servers which are provided with the Hepsia Control Panel include ModSecurity. The firewall is set up and turned on by default for all domains that are hosted on the machine, so there shall not be anything special which you shall have to do to protect your sites. It will take you simply a click to stop ModSecurity if needed or to switch on its passive mode so that it records what happens without taking any steps to stop intrusions. You shall be able to view the logs generated in passive or active mode via the corresponding section of Hepsia and find out more about the type of the attack, where it came from, what rule the firewall used to take care of it, and so on. We employ a mix of commercial and custom rules so as to ensure that ModSecurity shall block out as many risks as possible, thus enhancing the protection of your web apps as much as possible.

ModSecurity in Dedicated Hosting

ModSecurity is provided with all dedicated servers which are integrated with our Hepsia CP and you won't need to do anything specific on your end to employ it since it is turned on by default whenever you include a new domain or subdomain on your web server. In case it disrupts any of your apps, you'll be able to stop it through the respective section of Hepsia, or you can leave it working in passive mode, so it will detect attacks and will still maintain a log for them, but will not block them. You'll be able to look at the logs later to determine what you can do to boost the protection of your websites as you will find info such as where an intrusion attempt originated from, what site was attacked and based upon what rule ModSecurity responded, etc. The rules that we employ are commercial, hence they are constantly updated by a security provider, but to be on the safe side, our staff also add custom rules from time to time as to react to any new threats they have identified.