ModSecurity is a plugin for Apache web servers which acts as a web application layer firewall. It is used to prevent attacks towards script-driven Internet sites through the use of security rules which contain certain expressions. That way, the firewall can block hacking and spamming attempts and shield even sites which are not updated regularly. For example, multiple unsuccessful login attempts to a script admin area or attempts to execute a specific file with the intention to get access to the script shall trigger particular rules, so ModSecurity shall block out these activities the minute it identifies them. The firewall is incredibly efficient since it screens the entire HTTP traffic to a site in real time without slowing it down, so it can easily stop an attack before any damage is done. It furthermore keeps a very detailed log of all attack attempts which includes more info than typical Apache logs, so you could later examine the data and take extra measures to improve the security of your sites if necessary.

ModSecurity in Shared Web Hosting

ModSecurity is supplied with all shared web hosting web servers, so when you decide to host your websites with our business, they will be protected against a wide range of attacks. The firewall is enabled as standard for all domains and subdomains, so there will be nothing you shall need to do on your end. You'll be able to stop ModSecurity for any Internet site if necessary, or to switch on a detection mode, so that all activity shall be recorded, but the firewall shall not take any real action. You will be able to view detailed logs via your Hepsia CP including the IP address where the attack came from, what the attacker wished to do and how ModSecurity addressed the threat. As we take the security of our clients' Internet sites seriously, we use a set of commercial rules which we take from one of the leading firms that maintain this sort of rules. Our admins also include custom rules to make sure that your Internet sites will be protected against as many threats as possible.

ModSecurity in Semi-dedicated Servers

We've incorporated ModSecurity as a standard in all semi-dedicated server products, so your web applications will be protected as soon as you set them up under any domain or subdomain. The Hepsia Control Panel that is included with the semi-dedicated accounts will allow you to switch on or disable the firewall for any Internet site with a mouse click. You will also be able to activate a passive detection mode with which ModSecurity shall maintain a log of possible attacks without really preventing them. The comprehensive logs include things like the nature of the attack and what ModSecurity response this attack generated, where it came from, and so on. The list of rules which we employ is regularly updated as to match any new risks that might appear on the Internet and it features both commercial rules that we get from a security company and custom-written ones which our administrators include if they find a threat that is not present in the commercial list yet.

ModSecurity in VPS Servers

All VPS servers that are offered with the Hepsia Control Panel come with ModSecurity. The firewall is set up and activated by default for all domains which are hosted on the server, so there will not be anything special which you'll need to do to protect your websites. It shall take you simply a click to stop ModSecurity if necessary or to activate its passive mode so that it records what happens without taking any measures to stop intrusions. You shall be able to see the logs created in passive or active mode through the corresponding section of Hepsia and learn more about the form of the attack, where it came from, what rule the firewall used to tackle it, and so on. We employ a combination of commercial and custom rules in order to ensure that ModSecurity will prevent as many threats as possible, consequently enhancing the security of your web apps as much as possible.

ModSecurity in Dedicated Servers

ModSecurity is available as standard with all dedicated servers that are set up with the Hepsia CP and is set to “Active” automatically for any domain which you host or subdomain that you create on the web server. In case that a web application does not work adequately, you may either disable the firewall or set it to function in passive mode. The second means that ModSecurity shall maintain a log of any possible attack that may happen, but will not take any action to prevent it. The logs generated in passive or active mode shall present you with more details about the exact file that was attacked, the type of the attack and the IP address it came from, etc. This information shall enable you to determine what steps you can take to increase the security of your Internet sites, for instance blocking IPs or performing script and plugin updates. The ModSecurity rules that we use are updated frequently with a commercial package from a third-party security firm we work with, but oftentimes our administrators include their own rules too if they discover a new potential threat.