ModSecurity is a plugin for Apache web servers which acts as a web application layer firewall. It's used to prevent attacks towards script-driven sites through the use of security rules that contain specific expressions. In this way, the firewall can stop hacking and spamming attempts and protect even sites that aren't updated regularly. For example, multiple unsuccessful login attempts to a script administrator area or attempts to execute a specific file with the intention to get access to the script shall trigger specific rules, so ModSecurity will block these activities the instant it identifies them. The firewall is very efficient as it monitors the whole HTTP traffic to a site in real time without slowing it down, so it could prevent an attack before any damage is done. It furthermore keeps an exceptionally comprehensive log of all attack attempts that contains more information than conventional Apache logs, so you could later analyze the data and take extra measures to increase the security of your Internet sites if necessary.

ModSecurity in Shared Website Hosting

ModSecurity is offered with each and every shared website hosting package which we provide and it's switched on by default for any domain or subdomain that you add through your Hepsia CP. In the event that it interferes with any of your applications or you'd like to disable it for some reason, you shall be able to accomplish that through the ModSecurity section of Hepsia with simply a click. You can also enable a passive mode, so the firewall will identify potential attacks and keep a log, but will not take any action. You'll be able to view extensive logs in the exact same section, including the IP where the attack came from, what exactly the attacker attempted to do and at what time, what ModSecurity did, etc. For max security of our clients we use a set of commercial firewall rules mixed with custom ones that are added by our system administrators.

ModSecurity in Semi-dedicated Hosting

All semi-dedicated hosting plans which we offer include ModSecurity and given that the firewall is turned on by default, any site you set up under a domain or a subdomain shall be secured straight away. An independent section inside the Hepsia CP which comes with the semi-dedicated accounts is devoted to ModSecurity and it will enable you to start and stop the firewall for any site or switch on a detection mode. With the last option, ModSecurity will not take any action, but it'll still detect possible attacks and will keep all info within a log as if it were completely active. The logs could be found within the very same section of the CP and they feature specifics about the IP where an attack came from, what its nature was, what rule ModSecurity applies to recognize and stop it, etcetera. The security rules that we use on our web servers are a mix between commercial ones from a security company and custom ones created by our system admins. As a result, we provide higher security for your web apps as we can shield them from attacks before security firms release updates for new threats.

ModSecurity in VPS

ModSecurity is provided with all Hepsia-based virtual private servers that we offer and it shall be switched on automatically for every new domain or subdomain that you add on the server. This way, any web app you install shall be protected immediately without doing anything by hand on your end. The firewall could be managed through the section of the CP that has the same name. This is the location whereyou'll be able to switch off ModSecurity or enable its passive mode, so it will not take any action against threats, but shall still keep a comprehensive log. The recorded info is available within the same section as well and you will be able to see what IPs any attacks came from to enable you to block them, what the nature of the attempted attacks was and in accordance with what security rules ModSecurity responded. The rules which we employ on our servers are a blend between commercial ones we obtain from a security firm and custom ones that are added by our administrators to maximize the security of any web applications hosted on our end.

ModSecurity in Dedicated Hosting

ModSecurity is offered by default with all dedicated servers that are set up with the Hepsia Control Panel and is set to “Active” automatically for any domain that you host or subdomain which you create on the server. In case that a web application doesn't work properly, you can either switch off the firewall or set it to function in passive mode. The latter means that ModSecurity shall keep a log of any possible attack which could take place, but shall not take any action to stop it. The logs created in passive or active mode will present you with more details about the exact file that was attacked, the type of the attack and the IP address it came from, and so forth. This info will permit you to choose what actions you can take to boost the security of your websites, for instance blocking IPs or carrying out script and plugin updates. The ModSecurity rules we employ are updated constantly with a commercial package from a third-party security provider we work with, but from time to time our staff include their own rules as well if they discover a new potential threat.