ModSecurity is a plugin for Apache web servers which acts as a web application layer firewall. It is used to stop attacks towards script-driven websites by using security rules which contain specific expressions. In this way, the firewall can stop hacking and spamming attempts and preserve even Internet sites which aren't updated often. As an example, a number of unsuccessful login attempts to a script administrative area or attempts to execute a particular file with the purpose to get access to the script shall trigger specific rules, so ModSecurity shall stop these activities the instant it discovers them. The firewall is extremely efficient since it screens the entire HTTP traffic to an Internet site in real time without slowing it down, so it will be able to prevent an attack before any harm is done. It furthermore keeps an exceptionally detailed log of all attack attempts that features more information than standard Apache logs, so you could later check out the data and take further measures to increase the security of your sites if required.

ModSecurity in Shared Hosting

ModSecurity is available on all shared hosting machines, so when you opt to host your sites with our company, they will be shielded from a wide range of attacks. The firewall is turned on by default for all domains and subdomains, so there shall be nothing you'll have to do on your end. You will be able to stop ModSecurity for any site if needed, or to activate a detection mode, so that all activity shall be recorded, but the firewall won't take any real action. You shall be able to view specific logs through your Hepsia Control Panel including the IP where the attack came from, what the attacker wanted to do and how ModSecurity addressed the threat. Since we take the protection of our clients' websites seriously, we use a set of commercial rules that we take from one of the top companies that maintain such rules. Our admins also add custom rules to ensure that your sites will be resistant to as many risks as possible.

ModSecurity in Semi-dedicated Hosting

Any web application you set up inside your new semi-dedicated hosting account will be protected by ModSecurity since the firewall is provided with all our hosting packages and is activated by default for any domain and subdomain which you add or create using your Hepsia hosting CP. You shall be able to manage ModSecurity via a dedicated area within Hepsia where not only could you activate or deactivate it fully, but you may also activate a passive mode, so the firewall won't block anything, but it'll still keep a record of possible attacks. This takes just a click and you'll be able to see the logs regardless if ModSecurity is in active or passive mode through the same section - what the attack was and where it came from, how it was addressed, and so forth. The firewall uses 2 groups of rules on our servers - a commercial one that we get from a third-party web security company and a custom one that our admins update personally as to respond to recently discovered risks as fast as possible.

ModSecurity in VPS

Protection is vital to us, so we install ModSecurity on all virtual private servers which are set up with the Hepsia CP as a standard. The firewall could be managed through a dedicated section in Hepsia and is turned on automatically when you include a new domain or generate a subdomain, so you'll not have to do anything personally. You will also be able to deactivate it or activate the so-called detection mode, so it'll maintain a log of possible attacks that you can later analyze, but won't prevent them. The logs in both passive and active modes contain information regarding the form of the attack and how it was prevented, what IP it came from and other important information which might help you to tighten the security of your sites by updating them or blocking IPs, for instance. On top of the commercial rules we get for ModSecurity from a third-party security company, we also employ our own rules as from time to time we find specific attacks that are not yet present in the commercial group. That way, we can enhance the security of your Virtual private server in a timely manner as opposed to awaiting an official update.

ModSecurity in Dedicated Hosting

ModSecurity is available by default with all dedicated servers that are set up with the Hepsia CP and is set to “Active” automatically for any domain which you host or subdomain which you create on the server. Just in case that a web application does not work correctly, you can either turn off the firewall or set it to function in passive mode. The latter means that ModSecurity will keep a log of any possible attack that might occur, but won't take any action to prevent it. The logs created in passive or active mode shall offer you additional details about the exact file that was attacked, the nature of the attack and the IP it originated from, and so on. This data will enable you to determine what actions you can take to enhance the protection of your websites, for instance blocking IPs or performing script and plugin updates. The ModSecurity rules that we employ are updated regularly with a commercial bundle from a third-party security company we work with, but occasionally our administrators add their own rules as well in case they find a new potential threat.