ModSecurity is a plugin for Apache web servers which acts as a web app layer firewall. It's employed to stop attacks toward script-driven websites by employing security rules that contain certain expressions. That way, the firewall can prevent hacking and spamming attempts and preserve even Internet sites which aren't updated often. As an example, multiple failed login attempts to a script admin area or attempts to execute a specific file with the purpose to get access to the script shall trigger particular rules, so ModSecurity shall block out these activities the moment it identifies them. The firewall is quite efficient because it monitors the entire HTTP traffic to a site in real time without slowing it down, so it will be able to prevent an attack before any harm is done. It also keeps an exceptionally thorough log of all attack attempts which features more information than traditional Apache logs, so you could later analyze the data and take additional measures to enhance the security of your sites if needed.

ModSecurity in Shared Hosting

ModSecurity comes standard with all shared hosting plans which we offer and it shall be turned on automatically for any domain or subdomain which you add/create inside your Hepsia hosting CP. The firewall has 3 different modes, so you'll be able to switch on and deactivate it with simply a click or set it to detection mode, so it'll maintain a log of all attacks, but it shall not do anything to prevent them. The log for any of your websites shall contain elaborate information which includes the nature of the attack, where it originated from, what action was taken by ModSecurity, etc. The firewall rules we use are regularly updated and comprise of both commercial ones that we get from a third-party security company and custom ones that our system admins add in case that they detect a new type of attacks. This way, the Internet sites which you host here shall be much more secure without any action expected on your end.

ModSecurity in Semi-dedicated Servers

Any web application which you set up inside your new semi-dedicated server account shall be protected by ModSecurity since the firewall is included with all our hosting solutions and is turned on by default for any domain and subdomain you add or create via your Hepsia hosting Control Panel. You will be able to manage ModSecurity via a dedicated section within Hepsia where not only could you activate or deactivate it entirely, but you could also switch on a passive mode, so the firewall will not block anything, but it'll still maintain a record of possible attacks. This normally requires just a click and you shall be able to see the logs no matter if ModSecurity is in active or passive mode through the same section - what the attack was and where it came from, how it was handled, and so on. The firewall uses 2 groups of rules on our web servers - a commercial one which we get from a third-party web security provider and a custom one that our administrators update manually as to respond to recently discovered threats as fast as possible.

ModSecurity in VPS Servers

Security is essential to us, so we set up ModSecurity on all VPS servers which are made available with the Hepsia Control Panel as a standard. The firewall could be managed through a dedicated section in Hepsia and is turned on automatically when you add a new domain or create a subdomain, so you will not have to do anything manually. You shall also be able to disable it or turn on the so-called detection mode, so it will keep a log of possible attacks which you can later examine, but will not block them. The logs in both passive and active modes offer info about the kind of the attack and how it was prevented, what IP address it came from and other important info that may help you to tighten the security of your sites by updating them or blocking IPs, for example. Besides the commercial rules we get for ModSecurity from a third-party security company, we also use our own rules since occasionally we identify specific attacks which aren't yet present in the commercial pack. This way, we can improve the protection of your VPS immediately instead of awaiting an official update.

ModSecurity in Dedicated Servers

ModSecurity comes with all dedicated servers which are set up with our Hepsia Control Panel and you'll not have to do anything specific on your end to employ it because it is turned on by default whenever you include a new domain or subdomain on your hosting server. If it disrupts any of your programs, you will be able to stop it through the respective part of Hepsia, or you could leave it working in passive mode, so it'll detect attacks and will still keep a log for them, but won't prevent them. You could examine the logs later to determine what you can do to increase the protection of your websites as you will find details such as where an intrusion attempt originated from, what site was attacked and based upon what rule ModSecurity reacted, etc. The rules we use are commercial, therefore they're regularly updated by a security firm, but to be on the safe side, our admins also add custom rules from time to time in order to respond to any new threats they have discovered.