ModSecurity is a plugin for Apache web servers which functions as a web application layer firewall. It's employed to stop attacks against script-driven Internet sites by using security rules that contain certain expressions. That way, the firewall can stop hacking and spamming attempts and preserve even websites which are not updated often. As an example, a number of unsuccessful login attempts to a script admin area or attempts to execute a particular file with the objective to get access to the script shall trigger particular rules, so ModSecurity shall block these activities the minute it detects them. The firewall is very efficient as it tracks the entire HTTP traffic to a website in real time without slowing it down, so it will be able to prevent an attack before any damage is done. It additionally maintains an incredibly detailed log of all attack attempts which contains more info than standard Apache logs, so you can later check out the data and take additional measures to improve the security of your Internet sites if required.

ModSecurity in Cloud Web Hosting

ModSecurity is available with every cloud web hosting solution that we provide and it's switched on by default for every domain or subdomain that you include via your Hepsia Control Panel. In case it disrupts any of your programs or you would like to disable it for some reason, you shall be able to achieve that through the ModSecurity area of Hepsia with only a click. You could also enable a passive mode, so the firewall will discover possible attacks and keep a log, but will not take any action. You can view detailed logs in the exact same section, including the IP where the attack originated from, what precisely the attacker aimed to do and at what time, what ModSecurity did, etcetera. For max security of our customers we use a group of commercial firewall rules blended with custom ones that are provided by our system administrators.

ModSecurity in Semi-dedicated Servers

We have included ModSecurity as a standard within all semi-dedicated server packages, so your web apps will be protected whenever you set them up under any domain or subdomain. The Hepsia Control Panel which is included with the semi-dedicated accounts shall permit you to activate or disable the firewall for any website with a click. You'll also be able to switch on a passive detection mode through which ModSecurity will maintain a log of potential attacks without really preventing them. The comprehensive logs include the nature of the attack and what ModSecurity response this attack activated, where it came from, etc. The list of rules which we employ is frequently updated in order to match any new risks that could appear on the Internet and it consists of both commercial rules that we get from a security business and custom-written ones which our admins include in the event that they discover a threat that is not present inside the commercial list yet.

ModSecurity in VPS Servers

ModSecurity is pre-installed on all VPS servers that are offered with the Hepsia hosting CP, so your web programs shall be secured from the moment your server is ready. The firewall is turned on by default for any domain or subdomain on the Virtual Private Server, but if needed, you can deactivate it with a mouse click through the corresponding section of Hepsia. You may also set it to operate in detection mode, so it'll maintain a detailed log of any possible attacks without taking any action to prevent them. The logs can be found within the same section and include info about the nature of the attack, what IP address it came from and what ModSecurity rule was initiated to stop it. For optimum security, we use not just commercial rules from a company operating in the field of web security, but also custom ones that our admins add manually so as to react to new risks that are still not addressed in the commercial rules.

ModSecurity in Dedicated Servers

All of our dedicated servers that are set up with the Hepsia hosting Control Panel include ModSecurity, so any program that you upload or set up will be properly secured from the very beginning and you will not need to stress about common attacks or vulnerabilities. An individual section inside Hepsia will permit you to start or stop the firewall for each domain or subdomain, or switch on a detection mode so that it records information regarding intrusions, but doesn't take actions to prevent them. What you'll find in the logs can easily allow you to to secure your websites better - the IP an attack came from, what website was attacked and in what way, what ModSecurity rule was triggered, etc. With this info, you could see if an Internet site needs an update, whether you ought to block IPs from accessing your hosting server, etc. In addition to the third-party commercial security rules for ModSecurity that we use, our admins add custom ones as well whenever they come across a new threat that's not yet a part of the commercial bundle.