ModSecurity is a plugin for Apache web servers which acts as a web app layer firewall. It is employed to prevent attacks toward script-driven Internet sites by using security rules that contain certain expressions. In this way, the firewall can prevent hacking and spamming attempts and protect even sites that are not updated frequently. For instance, a number of failed login attempts to a script admin area or attempts to execute a certain file with the intention to get access to the script will trigger specific rules, so ModSecurity will block these activities the moment it discovers them. The firewall is extremely efficient since it screens the whole HTTP traffic to an Internet site in real time without slowing it down, so it can stop an attack before any damage is done. It also maintains a very thorough log of all attack attempts which features more information than typical Apache logs, so you can later analyze the data and take additional measures to enhance the security of your websites if needed.

ModSecurity in Hosting

ModSecurity is available on all hosting machines, so when you choose to host your Internet sites with our company, they will be resistant to a wide range of attacks. The firewall is enabled by default for all domains and subdomains, so there will be nothing you will need to do on your end. You shall be able to stop ModSecurity for any website if necessary, or to switch on a detection mode, so that all activity shall be recorded, but the firewall will not take any real action. You will be able to view comprehensive logs via your Hepsia Control Panel including the IP address where the attack came from, what the attacker planned to do and how ModSecurity addressed the threat. As we take the safety of our customers' sites very seriously, we use a set of commercial rules which we take from one of the top companies which maintain this type of rules. Our admins also include custom rules to ensure that your sites shall be shielded from as many threats as possible.

ModSecurity in Semi-dedicated Hosting

Any web application that you install in your new semi-dedicated hosting account shall be protected by ModSecurity because the firewall is provided with all our hosting solutions and is activated by default for any domain and subdomain you include or create using your Hepsia hosting CP. You will be able to manage ModSecurity through a dedicated section inside Hepsia where not simply can you activate or deactivate it completely, but you could also enable a passive mode, so the firewall won't block anything, but it'll still keep an archive of possible attacks. This takes just a mouse click and you'll be able to view the logs regardless if ModSecurity is in active or passive mode through the same section - what the attack was and where it came from, how it was dealt with, etc. The firewall employs two sets of rules on our servers - a commercial one which we get from a third-party web security provider and a custom one that our admins update personally in order to respond to recently discovered risks as fast as possible.

ModSecurity in VPS Web Hosting

All virtual private servers that are set up with the Hepsia Control Panel come with ModSecurity. The firewall is set up and turned on by default for all domains which are hosted on the web server, so there shall not be anything special that you shall have to do to protect your sites. It'll take you simply a mouse click to stop ModSecurity if needed or to activate its passive mode so that it records what occurs without taking any measures to stop intrusions. You shall be able to view the logs created in active or passive mode from the corresponding section of Hepsia and discover more about the form of the attack, where it originated from, what rule the firewall employed to deal with it, etcetera. We employ a mixture of commercial and custom rules in order to make certain that ModSecurity will prevent as many risks as possible, therefore increasing the protection of your web programs as much as possible.

ModSecurity in Dedicated Servers Hosting

ModSecurity is provided by default with all dedicated servers which are set up with the Hepsia CP and is set to “Active” automatically for any domain you host or subdomain that you create on the web server. In the event that a web application doesn't function properly, you could either disable the firewall or set it to function in passive mode. The latter means that ModSecurity shall maintain a log of any potential attack that may occur, but will not take any action to prevent it. The logs generated in active or passive mode will offer you additional details about the exact file that was attacked, the nature of the attack and the IP it originated from, and so on. This information will allow you to choose what measures you can take to boost the protection of your websites, for instance blocking IPs or carrying out script and plugin updates. The ModSecurity rules that we employ are updated regularly with a commercial package from a third-party security provider we work with, but occasionally our staff include their own rules as well in the event that they discover a new potential threat.