ModSecurity is a plugin for Apache web servers that acts as a web app layer firewall. It's employed to prevent attacks toward script-driven sites through the use of security rules that contain certain expressions. That way, the firewall can prevent hacking and spamming attempts and preserve even sites that aren't updated regularly. For instance, numerous unsuccessful login attempts to a script administrative area or attempts to execute a particular file with the intention to get access to the script will trigger specific rules, so ModSecurity will stop these activities the minute it detects them. The firewall is incredibly efficient because it screens the entire HTTP traffic to a site in real time without slowing it down, so it can easily stop an attack before any damage is done. It furthermore maintains an incredibly thorough log of all attack attempts that features more information than conventional Apache logs, so you could later analyze the data and take further measures to increase the security of your websites if needed.

ModSecurity in Hosting

ModSecurity comes standard with all hosting packages which we supply and it shall be turned on automatically for any domain or subdomain that you add/create within your Hepsia hosting Control Panel. The firewall has 3 different modes, so you'll be able to activate and disable it with only a click or set it to detection mode, so it will keep a log of all attacks, but it shall not do anything to stop them. The log for each of your sites shall feature detailed information including the nature of the attack, where it originated from, what action was taken by ModSecurity, and so on. The firewall rules that we use are frequently updated and include both commercial ones that we get from a third-party security company and custom ones our system admins add in case that they detect a new kind of attacks. That way, the websites you host here shall be a lot more protected without any action required on your end.

ModSecurity in Semi-dedicated Servers

All semi-dedicated server packages that we offer come with ModSecurity and because the firewall is enabled by default, any site that you set up under a domain or a subdomain will be secured immediately. A separate section inside the Hepsia CP that comes with the semi-dedicated accounts is devoted to ModSecurity and it'll enable you to start and stop the firewall for any website or switch on a detection mode. With the last option, ModSecurity won't take any action, but it will still detect possible attacks and will keep all data within a log as if it were completely active. The logs could be found within the exact same section of the Control Panel and they feature details about the IP where an attack originated from, what its nature was, what rule ModSecurity applies to recognize and stop it, etcetera. The security rules which we use on our web servers are a mix between commercial ones from a security company and custom ones created by our system administrators. Consequently, we provide greater security for your web programs as we can shield them from attacks before security businesses release updates for brand new threats.

ModSecurity in VPS Servers

All VPS servers that are provided with the Hepsia Control Panel include ModSecurity. The firewall is installed and activated by default for all domains that are hosted on the machine, so there shall not be anything special which you'll need to do to protect your sites. It will take you just a click to stop ModSecurity if necessary or to activate its passive mode so that it records what happens without taking any actions to prevent intrusions. You'll be able to see the logs created in passive or active mode via the corresponding section of Hepsia and learn more about the type of the attack, where it came from, what rule the firewall used to tackle it, etcetera. We use a mixture of commercial and custom rules so as to ensure that ModSecurity shall prevent as many risks as possible, thus enhancing the security of your web programs as much as possible.

ModSecurity in Dedicated Servers

ModSecurity is included with all dedicated servers that are set up with our Hepsia CP and you won't have to do anything specific on your end to employ it as it is activated by default every time you include a new domain or subdomain on your web server. In case it interferes with some of your applications, you'll be able to stop it through the respective section of Hepsia, or you may leave it working in passive mode, so it'll detect attacks and will still keep a log for them, but will not block them. You can examine the logs later to find out what you can do to boost the protection of your Internet sites since you will find info such as where an intrusion attempt came from, what site was attacked and based upon what rule ModSecurity responded, and so forth. The rules which we employ are commercial, hence they are frequently updated by a security company, but to be on the safe side, our admins also include custom rules occasionally in order to react to any new threats they have identified.