ModSecurity is a plugin for Apache web servers which functions as a web application layer firewall. It is employed to prevent attacks against script-driven Internet sites by using security rules which contain specific expressions. In this way, the firewall can block hacking and spamming attempts and shield even websites which aren't updated frequently. As an example, numerous failed login attempts to a script administrative area or attempts to execute a certain file with the intention to get access to the script shall trigger specific rules, so ModSecurity shall block these activities the instant it discovers them. The firewall is incredibly efficient because it monitors the whole HTTP traffic to a website in real time without slowing it down, so it can stop an attack before any damage is done. It additionally keeps a very comprehensive log of all attack attempts which contains more information than typical Apache logs, so you could later examine the data and take additional measures to improve the security of your Internet sites if needed.

ModSecurity in Shared Hosting

ModSecurity comes standard with all shared hosting plans that we provide and it shall be activated automatically for any domain or subdomain you add/create within your Hepsia hosting CP. The firewall has 3 different modes, so you could activate and disable it with simply a mouse click or set it to detection mode, so it will maintain a log of all attacks, but it will not do anything to stop them. The log for any of your Internet sites will contain elaborate information including the nature of the attack, where it originated from, what action was taken by ModSecurity, and so forth. The firewall rules we use are constantly updated and incorporate both commercial ones we get from a third-party security company and custom ones our system admins add in the event that they detect a new sort of attacks. That way, the websites you host here will be way more protected without any action needed on your end.

ModSecurity in Semi-dedicated Servers

Any web application you install inside your new semi-dedicated server account will be protected by ModSecurity as the firewall is included with all our hosting packages and is activated by default for any domain and subdomain that you add or create through your Hepsia hosting Control Panel. You will be able to manage ModSecurity through a dedicated area inside Hepsia where not only can you activate or deactivate it fully, but you can also activate a passive mode, so the firewall won't stop anything, but it'll still maintain an archive of potential attacks. This normally requires simply a mouse click and you will be able to see the logs no matter if ModSecurity is in passive or active mode through the same section - what the attack was and where it originated from, how it was handled, and so on. The firewall employs two sets of rules on our servers - a commercial one which we get from a third-party web security provider and a custom one that our admins update manually as to respond to recently discovered risks immediately.

ModSecurity in VPS Servers

ModSecurity is pre-installed on all VPS servers that are set up with the Hepsia hosting Control Panel, so your web programs will be secured from the instant your server is ready. The firewall is turned on by default for any domain or subdomain on the VPS, but if needed, you'll be able to deactivate it with a click via the corresponding section of Hepsia. You could also set it to function in detection mode, so it shall keep a comprehensive log of any potential attacks without taking any action to prevent them. The logs are available in the very same section and offer info about the nature of the attack, what IP address it came from and what ModSecurity rule was initiated to stop it. For maximum security, we employ not simply commercial rules from a business operating in the field of web security, but also custom ones our administrators add manually in order to respond to new risks that are still not tackled in the commercial rules.

ModSecurity in Dedicated Servers

ModSecurity is provided by default with all dedicated servers that are set up with the Hepsia CP and is set to “Active” automatically for any domain you host or subdomain you create on the web server. In the event that a web app doesn't work adequately, you could either turn off the firewall or set it to function in passive mode. The second means that ModSecurity will maintain a log of any potential attack which may occur, but will not take any action to stop it. The logs produced in active or passive mode shall provide you with additional details about the exact file which was attacked, the form of the attack and the IP address it originated from, and so forth. This info shall permit you to decide what steps you can take to improve the security of your Internet sites, for instance blocking IPs or performing script and plugin updates. The ModSecurity rules that we employ are updated constantly with a commercial bundle from a third-party security enterprise we work with, but occasionally our admins include their own rules as well in case they discover a new potential threat.