ModSecurity is a plugin for Apache web servers that functions as a web app layer firewall. It is used to prevent attacks against script-driven sites through the use of security rules that contain particular expressions. That way, the firewall can stop hacking and spamming attempts and preserve even Internet sites which are not updated regularly. For example, multiple unsuccessful login attempts to a script administrator area or attempts to execute a certain file with the purpose to get access to the script will trigger certain rules, so ModSecurity shall stop these activities the instant it identifies them. The firewall is quite efficient because it screens the whole HTTP traffic to a site in real time without slowing it down, so it could prevent an attack before any damage is done. It furthermore keeps an exceptionally detailed log of all attack attempts which contains more information than traditional Apache logs, so you can later analyze the data and take further measures to increase the security of your Internet sites if necessary.

ModSecurity in Shared Web Hosting

ModSecurity comes by default with all shared web hosting solutions which we provide and it will be switched on automatically for any domain or subdomain that you add/create inside your Hepsia hosting CP. The firewall has 3 different modes, so you'll be able to switch on and disable it with a mouse click or set it to detection mode, so it'll maintain a log of all attacks, but it shall not do anything to prevent them. The log for each of your sites shall contain detailed information which includes the nature of the attack, where it came from, what action was taken by ModSecurity, and so forth. The firewall rules we use are constantly updated and consist of both commercial ones that we get from a third-party security business and custom ones which our system administrators add in the event that they detect a new kind of attacks. That way, the sites which you host here will be a lot more protected with no action required on your end.

ModSecurity in Semi-dedicated Hosting

Any web application that you set up in your new semi-dedicated hosting account will be protected by ModSecurity since the firewall comes with all our hosting plans and is activated by default for any domain and subdomain that you add or create using your Hepsia hosting CP. You'll be able to manage ModSecurity via a dedicated area inside Hepsia where not simply could you activate or deactivate it completely, but you can also switch on a passive mode, so the firewall won't stop anything, but it shall still keep a record of potential attacks. This takes only a click and you will be able to look at the logs no matter if ModSecurity is in active or passive mode through the same section - what the attack was and where it originated from, how it was handled, and so forth. The firewall employs two sets of rules on our servers - a commercial one which we get from a third-party web security provider and a custom one that our administrators update personally as to respond to recently discovered risks at the earliest opportunity.

ModSecurity in VPS Hosting

Safety is vital to us, so we install ModSecurity on all virtual private servers which are set up with the Hepsia Control Panel by default. The firewall could be managed through a dedicated section inside Hepsia and is activated automatically when you add a new domain or generate a subdomain, so you will not have to do anything by hand. You shall also be able to deactivate it or turn on the so-called detection mode, so it'll maintain a log of potential attacks that you can later examine, but will not block them. The logs in both passive and active modes contain details regarding the form of the attack and how it was prevented, what IP it originated from and other useful info which might help you to tighten the security of your websites by updating them or blocking IPs, as an example. On top of the commercial rules which we get for ModSecurity from a third-party security firm, we also employ our own rules since once in a while we discover specific attacks that aren't yet present within the commercial package. This way, we could improve the security of your VPS immediately instead of waiting for an official update.

ModSecurity in Dedicated Web Hosting

ModSecurity is available as standard with all dedicated servers that are set up with the Hepsia CP and is set to “Active” automatically for any domain that you host or subdomain that you create on the hosting server. In the event that a web app does not function correctly, you can either switch off the firewall or set it to function in passive mode. The second means that ModSecurity shall keep a log of any potential attack that may happen, but will not take any action to stop it. The logs created in active or passive mode shall offer you additional details about the exact file that was attacked, the nature of the attack and the IP it originated from, and so forth. This information will enable you to decide what actions you can take to enhance the safety of your Internet sites, for instance blocking IPs or carrying out script and plugin updates. The ModSecurity rules that we employ are updated often with a commercial package from a third-party security firm we work with, but sometimes our staff include their own rules also when they come across a new potential threat.