ModSecurity is a plugin for Apache web servers which functions as a web application layer firewall. It is employed to prevent attacks toward script-driven Internet sites through the use of security rules which contain specific expressions. That way, the firewall can stop hacking and spamming attempts and shield even Internet sites which are not updated regularly. As an example, a number of failed login attempts to a script admin area or attempts to execute a certain file with the objective to get access to the script will trigger specific rules, so ModSecurity will block these activities the instant it discovers them. The firewall is incredibly efficient because it tracks the whole HTTP traffic to a website in real time without slowing it down, so it can prevent an attack before any harm is done. It also keeps an incredibly detailed log of all attack attempts that features more info than standard Apache logs, so you could later analyze the data and take further measures to enhance the security of your websites if necessary.

ModSecurity in Cloud Hosting

ModSecurity is offered with each cloud hosting solution which we provide and it is turned on by default for every domain or subdomain that you include via your Hepsia CP. In case it disrupts any of your programs or you'd like to disable it for any reason, you'll be able to do that through the ModSecurity area of Hepsia with just a mouse click. You may also use a passive mode, so the firewall will detect possible attacks and keep a log, but shall not take any action. You could view comprehensive logs in the same section, including the IP address where the attack came from, exactly what the attacker tried to do and at what time, what ModSecurity did, etc. For optimum safety of our customers we use a group of commercial firewall rules combined with custom ones that are added by our system admins.

ModSecurity in Semi-dedicated Servers

We've included ModSecurity by default in all semi-dedicated server packages, so your web apps will be protected the instant you install them under any domain or subdomain. The Hepsia Control Panel which is included with the semi-dedicated accounts shall allow you to activate or disable the firewall for any site with a click. You will also have the ability to activate a passive detection mode with which ModSecurity will keep a log of possible attacks without really preventing them. The thorough logs include the nature of the attack and what ModSecurity response this attack activated, where it came from, etc. The list of rules which we use is constantly updated as to match any new risks that might appear on the Internet and it consists of both commercial rules that we get from a security firm and custom-written ones which our administrators add if they discover a threat that is not present inside the commercial list yet.

ModSecurity in VPS Servers

All VPS servers which are provided with the Hepsia Control Panel come with ModSecurity. The firewall is installed and turned on by default for all domains which are hosted on the web server, so there shall not be anything special that you'll have to do to protect your websites. It'll take you only a mouse click to stop ModSecurity if necessary or to activate its passive mode so that it records what goes on without taking any measures to stop intrusions. You shall be able to look at the logs created in passive or active mode through the corresponding section of Hepsia and find out more about the form of the attack, where it came from, what rule the firewall employed to tackle it, etcetera. We use a combination of commercial and custom rules so as to make certain that ModSecurity will block out as many risks as possible, therefore boosting the protection of your web programs as much as possible.

ModSecurity in Dedicated Servers

ModSecurity is included with all dedicated servers which are set up with our Hepsia CP and you won't need to do anything specific on your end to use it as it is enabled by default each time you add a new domain or subdomain on your server. If it interferes with some of your programs, you will be able to stop it through the respective section of Hepsia, or you can leave it in passive mode, so it shall detect attacks and shall still keep a log for them, but will not block them. You may look at the logs later to determine what you can do to boost the security of your websites since you'll find info such as where an intrusion attempt came from, what site was attacked and based on what rule ModSecurity reacted, etc. The rules which we use are commercial, therefore they are constantly updated by a security provider, but to be on the safe side, our admins also include custom rules from time to time as to react to any new threats they have discovered.