ModSecurity is a plugin for Apache web servers which acts as a web application layer firewall. It is employed to stop attacks against script-driven sites through the use of security rules which contain certain expressions. This way, the firewall can stop hacking and spamming attempts and preserve even websites which are not updated often. As an example, numerous unsuccessful login attempts to a script administrator area or attempts to execute a certain file with the intention to get access to the script shall trigger specific rules, so ModSecurity will block out these activities the minute it detects them. The firewall is quite efficient as it screens the entire HTTP traffic to a website in real time without slowing it down, so it can stop an attack before any damage is done. It also keeps an exceptionally thorough log of all attack attempts which features more info than conventional Apache logs, so you could later examine the data and take additional measures to enhance the security of your Internet sites if necessary.

ModSecurity in Shared Website Hosting

ModSecurity is offered with each shared website hosting solution that we provide and it's activated by default for any domain or subdomain which you add via your Hepsia CP. In case it disrupts any of your programs or you would like to disable it for whatever reason, you shall be able to do this through the ModSecurity area of Hepsia with simply a mouse click. You may also use a passive mode, so the firewall will detect possible attacks and keep a log, but won't take any action. You can view detailed logs in the very same section, including the IP address where the attack originated from, what precisely the attacker attempted to do and at what time, what ModSecurity did, etc. For max safety of our customers we use a group of commercial firewall rules blended with custom ones which are provided by our system administrators.

ModSecurity in Semi-dedicated Hosting

All semi-dedicated hosting plans that we offer feature ModSecurity and since the firewall is enabled by default, any website which you build under a domain or a subdomain shall be secured immediately. A separate section in the Hepsia CP that comes with the semi-dedicated accounts is devoted to ModSecurity and it will allow you to start and stop the firewall for any website or activate a detection mode. With the last mentioned, ModSecurity shall not take any action, but it will still identify possible attacks and will keep all information in a log as if it were completely active. The logs can be found inside the very same section of the Control Panel and they feature information regarding the IP where an attack originated from, what its nature was, what rule ModSecurity applies to identify and stop it, and so forth. The security rules we employ on our servers are a mix between commercial ones from a security business and custom ones created by our system administrators. Therefore, we provide greater security for your web apps as we can defend them from attacks even before security corporations release updates for completely new threats.

ModSecurity in VPS

ModSecurity is pre-installed on all virtual private servers that are set up with the Hepsia hosting CP, so your web programs will be secured from the instant your server is in a position. The firewall is turned on by default for any domain or subdomain on the VPS, but if needed, you could disable it with a click of your mouse via the corresponding section of Hepsia. You may also set it to function in detection mode, so it'll maintain a comprehensive log of any possible attacks without taking any action to prevent them. The logs are available inside the very same section and offer info about the nature of the attack, what IP it came from and what ModSecurity rule was triggered to stop it. For maximum security, we use not just commercial rules from a firm working in the field of web security, but also custom ones that our admins include personally in order to react to new risks that are still not addressed in the commercial rules.

ModSecurity in Dedicated Hosting

ModSecurity is available as standard with all dedicated servers which are set up with the Hepsia Control Panel and is set to “Active” automatically for any domain which you host or subdomain which you create on the server. In case that a web app does not function properly, you may either switch off the firewall or set it to function in passive mode. The latter means that ModSecurity will keep a log of any possible attack that may take place, but won't take any action to stop it. The logs generated in passive or active mode will offer you more details about the exact file that was attacked, the nature of the attack and the IP it originated from, etc. This information will enable you to determine what steps you can take to increase the safety of your sites, for instance blocking IPs or performing script and plugin updates. The ModSecurity rules that we use are updated frequently with a commercial bundle from a third-party security provider we work with, but oftentimes our administrators include their own rules also when they find a new potential threat.