ModSecurity is a plugin for Apache web servers that acts as a web app layer firewall. It is employed to stop attacks towards script-driven websites through the use of security rules which contain certain expressions. In this way, the firewall can block hacking and spamming attempts and protect even websites that are not updated often. For instance, several failed login attempts to a script administrator area or attempts to execute a particular file with the objective to get access to the script shall trigger particular rules, so ModSecurity shall stop these activities the minute it discovers them. The firewall is quite efficient as it tracks the whole HTTP traffic to a website in real time without slowing it down, so it can prevent an attack before any harm is done. It furthermore keeps an incredibly thorough log of all attack attempts which features more info than standard Apache logs, so you can later check out the data and take additional measures to increase the security of your websites if necessary.

ModSecurity in Shared Website Hosting

ModSecurity comes standard with all shared website hosting packages that we provide and it'll be switched on automatically for any domain or subdomain which you add/create in your Hepsia hosting Control Panel. The firewall has three different modes, so you could activate and disable it with just a click or set it to detection mode, so it'll keep a log of all attacks, but it will not do anything to prevent them. The log for any of your sites will include in-depth info such as the nature of the attack, where it originated from, what action was taken by ModSecurity, and so forth. The firewall rules that we use are frequently updated and consist of both commercial ones we get from a third-party security business and custom ones that our system admins include in the event that they detect a new kind of attacks. This way, the sites which you host here shall be much more protected without any action required on your end.

ModSecurity in Semi-dedicated Servers

We have included ModSecurity by default in all semi-dedicated server packages, so your web apps shall be protected whenever you set them up under any domain or subdomain. The Hepsia Control Panel which comes with the semi-dedicated accounts will allow you to activate or turn off the firewall for any site with a mouse click. You'll also be able to turn on a passive detection mode through which ModSecurity will keep a log of potential attacks without really stopping them. The comprehensive logs contain the nature of the attack and what ModSecurity response this attack generated, where it came from, etcetera. The list of rules we employ is constantly updated as to match any new risks that may appear on the Internet and it includes both commercial rules that we get from a security business and custom-written ones that our administrators add if they discover a threat that's not present inside the commercial list yet.

ModSecurity in VPS Servers

All VPS servers that are provided with the Hepsia CP include ModSecurity. The firewall is installed and switched on by default for all domains that are hosted on the web server, so there won't be anything special that you shall have to do to protect your sites. It will take you just a mouse click to stop ModSecurity if necessary or to switch on its passive mode so that it records what goes on without taking any actions to stop intrusions. You will be able to look at the logs produced in passive or active mode via the corresponding section of Hepsia and discover more about the form of the attack, where it originated from, what rule the firewall used to handle it, etc. We employ a mixture of commercial and custom rules so as to make certain that ModSecurity will block out as many risks as possible, hence increasing the protection of your web programs as much as possible.

ModSecurity in Dedicated Servers

ModSecurity is provided as standard with all dedicated servers which are set up with the Hepsia CP and is set to “Active” automatically for any domain you host or subdomain which you create on the web server. In the event that a web app doesn't function adequately, you can either disable the firewall or set it to operate in passive mode. The second means that ModSecurity will keep a log of any potential attack which might take place, but shall not take any action to prevent it. The logs created in active or passive mode will give you additional details about the exact file which was attacked, the form of the attack and the IP address it came from, and so forth. This data shall allow you to determine what measures you can take to boost the safety of your Internet sites, for instance blocking IPs or carrying out script and plugin updates. The ModSecurity rules we employ are updated frequently with a commercial package from a third-party security company we work with, but oftentimes our staff include their own rules also when they discover a new potential threat.