ModSecurity is a plugin for Apache web servers which functions as a web application layer firewall. It's used to stop attacks against script-driven Internet sites through the use of security rules which contain particular expressions. In this way, the firewall can prevent hacking and spamming attempts and shield even sites that aren't updated on a regular basis. For instance, multiple failed login attempts to a script administrator area or attempts to execute a certain file with the intention to get access to the script will trigger certain rules, so ModSecurity shall stop these activities the second it discovers them. The firewall is very efficient since it monitors the whole HTTP traffic to a site in real time without slowing it down, so it could stop an attack before any harm is done. It additionally keeps an exceptionally thorough log of all attack attempts which features more info than standard Apache logs, so you can later analyze the data and take additional measures to increase the security of your Internet sites if required.

ModSecurity in Cloud Web Hosting

ModSecurity comes standard with all cloud web hosting plans which we provide and it will be turned on automatically for any domain or subdomain you add/create within your Hepsia hosting CP. The firewall has three different modes, so you could activate and deactivate it with only a click or set it to detection mode, so it shall maintain a log of all attacks, but it will not do anything to prevent them. The log for any of your Internet sites will contain elaborate info including the nature of the attack, where it originated from, what action was taken by ModSecurity, etc. The firewall rules which we use are regularly updated and include both commercial ones we get from a third-party security business and custom ones that our system administrators include in the event that they detect a new type of attacks. That way, the sites which you host here shall be way more secure with no action required on your end.

ModSecurity in Semi-dedicated Servers

Any web program you set up in your new semi-dedicated server account shall be protected by ModSecurity as the firewall comes with all our hosting solutions and is turned on by default for any domain and subdomain you include or create using your Hepsia hosting Control Panel. You'll be able to manage ModSecurity through a dedicated area inside Hepsia where not simply can you activate or deactivate it completely, but you can also switch on a passive mode, so the firewall won't stop anything, but it'll still keep an archive of potential attacks. This requires just a click and you will be able to look at the logs no matter if ModSecurity is in passive or active mode through the same section - what the attack was and where it came from, how it was taken care of, etcetera. The firewall uses two groups of rules on our web servers - a commercial one which we get from a third-party web security provider and a custom one that our admins update manually as to respond to newly discovered threats immediately.

ModSecurity in VPS Servers

ModSecurity is pre-installed on all VPS servers that are offered with the Hepsia hosting CP, so your web applications will be secured from the second your server is ready. The firewall is switched on by default for any domain or subdomain on the VPS, but if needed, you'll be able to disable it with a click of your mouse via the corresponding section of Hepsia. You may also set it to operate in detection mode, so it will keep an extensive log of any potential attacks without taking any action to prevent them. The logs are available inside the very same section and provide information regarding the nature of the attack, what IP it originated from and what ModSecurity rule was activated to stop it. For optimum security, we use not just commercial rules from a firm operating in the field of web security, but also custom ones our administrators add manually in order to react to new threats that are still not dealt with in the commercial rules.

ModSecurity in Dedicated Servers

ModSecurity is available by default with all dedicated servers that are set up with the Hepsia Control Panel and is set to “Active” automatically for any domain that you host or subdomain you create on the web server. In the event that a web app does not operate correctly, you could either switch off the firewall or set it to operate in passive mode. The latter means that ModSecurity will keep a log of any potential attack that could take place, but will not take any action to stop it. The logs produced in active or passive mode will provide you with additional details about the exact file which was attacked, the nature of the attack and the IP address it originated from, etcetera. This info will allow you to choose what measures you can take to improve the safety of your websites, for instance blocking IPs or carrying out script and plugin updates. The ModSecurity rules that we employ are updated often with a commercial pack from a third-party security company we work with, but sometimes our staff include their own rules too if they discover a new potential threat.