ModSecurity is a plugin for Apache web servers which acts as a web app layer firewall. It's employed to stop attacks towards script-driven websites by using security rules which contain particular expressions. This way, the firewall can prevent hacking and spamming attempts and preserve even websites which are not updated on a regular basis. For example, several failed login attempts to a script admin area or attempts to execute a specific file with the intention to get access to the script shall trigger particular rules, so ModSecurity shall block these activities the moment it detects them. The firewall is very efficient as it monitors the whole HTTP traffic to a website in real time without slowing it down, so it can easily stop an attack before any damage is done. It furthermore maintains an incredibly comprehensive log of all attack attempts which includes more info than traditional Apache logs, so you can later examine the data and take additional measures to boost the security of your sites if needed.

ModSecurity in Web Hosting

ModSecurity is supplied with all web hosting machines, so if you opt to host your Internet sites with our firm, they shall be resistant to a wide array of attacks. The firewall is enabled as standard for all domains and subdomains, so there shall be nothing you shall need to do on your end. You shall be able to stop ModSecurity for any Internet site if required, or to enable a detection mode, so all activity will be recorded, but the firewall won't take any real action. You'll be able to view specific logs from your Hepsia Control Panel including the IP address where the attack came from, what the attacker wanted to do and how ModSecurity dealt with the threat. As we take the safety of our clients' websites very seriously, we employ a group of commercial rules that we take from one of the best companies that maintain this type of rules. Our administrators also include custom rules to ensure that your sites shall be protected against as many risks as possible.

ModSecurity in Semi-dedicated Servers

We've included ModSecurity as a standard inside all semi-dedicated server products, so your web applications shall be protected as soon as you install them under any domain or subdomain. The Hepsia CP that is included with the semi-dedicated accounts shall allow you to switch on or disable the firewall for any site with a mouse click. You'll also have the ability to switch on a passive detection mode through which ModSecurity shall maintain a log of potential attacks without actually stopping them. The comprehensive logs include the nature of the attack and what ModSecurity response this attack activated, where it originated from, and so on. The list of rules we employ is constantly updated in order to match any new risks that may appear on the Internet and it features both commercial rules that we get from a security company and custom-written ones that our admins add in case they find a threat that's not present within the commercial list yet.

ModSecurity in VPS Servers

Safety is very important to us, so we set up ModSecurity on all VPS servers which are set up with the Hepsia Control Panel by default. The firewall could be managed via a dedicated section within Hepsia and is turned on automatically when you add a new domain or generate a subdomain, so you won't need to do anything manually. You shall also be able to disable it or switch on the so-called detection mode, so it'll maintain a log of potential attacks which you can later examine, but shall not block them. The logs in both passive and active modes include info regarding the type of the attack and how it was prevented, what IP it originated from and other valuable info which could help you to tighten the security of your Internet sites by updating them or blocking IPs, as an example. On top of the commercial rules we get for ModSecurity from a third-party security enterprise, we also employ our own rules as from time to time we detect specific attacks that aren't yet present in the commercial pack. This way, we can easily boost the security of your Virtual private server promptly instead of awaiting an official update.

ModSecurity in Dedicated Servers

ModSecurity is provided as standard with all dedicated servers that are set up with the Hepsia CP and is set to “Active” automatically for any domain that you host or subdomain you create on the hosting server. Just in case that a web application doesn't work properly, you can either turn off the firewall or set it to function in passive mode. The latter means that ModSecurity will keep a log of any potential attack which might take place, but will not take any action to stop it. The logs created in active or passive mode will provide you with additional details about the exact file that was attacked, the type of the attack and the IP it came from, and so forth. This info will permit you to decide what actions you can take to enhance the protection of your websites, such as blocking IPs or carrying out script and plugin updates. The ModSecurity rules we employ are updated frequently with a commercial pack from a third-party security provider we work with, but oftentimes our staff include their own rules as well in case they come across a new potential threat.