ModSecurity is a plugin for Apache web servers that functions as a web application layer firewall. It is used to stop attacks against script-driven websites by using security rules that contain certain expressions. That way, the firewall can prevent hacking and spamming attempts and preserve even websites which are not updated on a regular basis. For instance, multiple failed login attempts to a script administrative area or attempts to execute a specific file with the objective to get access to the script shall trigger specific rules, so ModSecurity shall block these activities the instant it discovers them. The firewall is incredibly efficient as it tracks the entire HTTP traffic to an Internet site in real time without slowing it down, so it can stop an attack before any harm is done. It furthermore maintains a very comprehensive log of all attack attempts which includes more info than conventional Apache logs, so you can later examine the data and take further measures to enhance the security of your Internet sites if needed.

ModSecurity in Website Hosting

ModSecurity is offered with each and every website hosting plan that we provide and it's turned on by default for every domain or subdomain which you include through your Hepsia CP. If it disrupts any of your programs or you'd like to disable it for any reason, you shall be able to do that through the ModSecurity section of Hepsia with simply a click. You could also activate a passive mode, so the firewall will detect possible attacks and keep a log, but shall not take any action. You could see comprehensive logs in the exact same section, including the IP where the attack originated from, what precisely the attacker attempted to do and at what time, what ModSecurity did, and so forth. For optimum safety of our clients we use a collection of commercial firewall rules blended with custom ones that are included by our system administrators.

ModSecurity in Semi-dedicated Servers

ModSecurity is part of our semi-dedicated server solutions and if you choose to host your Internet sites with us, there will not be anything special you'll need to do given that the firewall is turned on by default for all domains and subdomains which you add through your hosting Control Panel. If required, you can disable ModSecurity for a particular site or activate the so-called detection mode in which case the firewall will still function and record data, but will not do anything to prevent possible attacks against your sites. Comprehensive logs will be accessible in your Control Panel and you'll be able to see what type of attacks occurred, what security rules were triggered and how the firewall dealt with the threats, what IP addresses the attacks originated from, and so forth. We use 2 kinds of rules on our servers - commercial ones from an organization which operates in the field of web security, and custom ones that our admins often include to respond to newly identified threats promptly.

ModSecurity in VPS Servers

All VPS servers which are offered with the Hepsia CP come with ModSecurity. The firewall is set up and switched on by default for all domains which are hosted on the machine, so there won't be anything special which you will have to do to protect your Internet sites. It'll take you only a click to stop ModSecurity if required or to turn on its passive mode so that it records what occurs without taking any measures to stop intrusions. You'll be able to view the logs produced in passive or active mode from the corresponding section of Hepsia and find out more about the type of the attack, where it originated from, what rule the firewall employed to deal with it, and so forth. We employ a combination of commercial and custom rules so as to make sure that ModSecurity shall block out as many threats as possible, thus improving the security of your web applications as much as possible.

ModSecurity in Dedicated Servers

All of our dedicated servers that are installed with the Hepsia hosting CP come with ModSecurity, so any program which you upload or set up will be secured from the very beginning and you won't need to concern yourself with common attacks or vulnerabilities. An independent section in Hepsia will permit you to start or stop the firewall for each domain or subdomain, or switch on a detection mode so that it records info about intrusions, but does not take actions to stop them. What you shall discover in the logs can easily help you to secure your websites better - the IP address an attack came from, what website was attacked and exactly how, what ModSecurity rule was triggered, etc. With this info, you can see whether a website needs an update, if you need to block IPs from accessing your hosting server, etc. In addition to the third-party commercial security rules for ModSecurity which we use, our admins add custom ones too every time they come across a new threat which is not yet in the commercial bundle.