ModSecurity is a plugin for Apache web servers that functions as a web application layer firewall. It is employed to stop attacks towards script-driven websites through the use of security rules that contain particular expressions. This way, the firewall can prevent hacking and spamming attempts and protect even websites which aren't updated often. For example, several unsuccessful login attempts to a script administrative area or attempts to execute a certain file with the intention to get access to the script will trigger particular rules, so ModSecurity shall block out these activities the minute it discovers them. The firewall is quite efficient since it tracks the entire HTTP traffic to a site in real time without slowing it down, so it will be able to prevent an attack before any damage is done. It additionally keeps a very detailed log of all attack attempts which includes more information than conventional Apache logs, so you can later check out the data and take additional measures to enhance the security of your Internet sites if necessary.

ModSecurity in Cloud Website Hosting

ModSecurity can be found with each cloud website hosting solution which we provide and it is activated by default for every domain or subdomain that you include through your Hepsia CP. If it disrupts any of your programs or you'd like to disable it for some reason, you'll be able to accomplish that through the ModSecurity area of Hepsia with only a click. You may also use a passive mode, so the firewall will detect possible attacks and maintain a log, but will not take any action. You can view detailed logs in the exact same section, including the IP where the attack originated from, exactly what the attacker tried to do and at what time, what ModSecurity did, etc. For optimum safety of our customers we use a group of commercial firewall rules mixed with custom ones that are provided by our system admins.

ModSecurity in Semi-dedicated Servers

We have included ModSecurity by default within all semi-dedicated server plans, so your web applications will be protected as soon as you install them under any domain or subdomain. The Hepsia CP which comes with the semi-dedicated accounts shall permit you to activate or turn off the firewall for any website with a click. You shall also have the ability to turn on a passive detection mode through which ModSecurity will keep a log of possible attacks without actually preventing them. The comprehensive logs include things like the nature of the attack and what ModSecurity response that attack triggered, where it came from, etcetera. The list of rules we use is frequently updated as to match any new threats which could appear on the Internet and it features both commercial rules that we get from a security business and custom-written ones that our admins include in the event that they find a threat that's not present within the commercial list yet.

ModSecurity in VPS Servers

Protection is extremely important to us, so we install ModSecurity on all VPS servers which are provided with the Hepsia CP as a standard. The firewall can be managed through a dedicated section in Hepsia and is activated automatically when you include a new domain or create a subdomain, so you will not need to do anything personally. You will also be able to deactivate it or activate the so-called detection mode, so it shall keep a log of possible attacks which you can later analyze, but won't stop them. The logs in both passive and active modes offer information about the kind of the attack and how it was prevented, what IP address it came from and other useful info which could help you to tighten the security of your Internet sites by updating them or blocking IPs, for instance. Beyond the commercial rules which we get for ModSecurity from a third-party security firm, we also use our own rules as from time to time we find specific attacks which are not yet present within the commercial package. This way, we can easily increase the security of your VPS immediately rather than waiting for an official update.

ModSecurity in Dedicated Servers

ModSecurity is available as standard with all dedicated servers which are set up with the Hepsia Control Panel and is set to “Active” automatically for any domain which you host or subdomain that you create on the server. In the event that a web app doesn't operate properly, you could either switch off the firewall or set it to function in passive mode. The latter means that ModSecurity will maintain a log of any potential attack which may occur, but won't take any action to stop it. The logs created in passive or active mode will offer you additional details about the exact file which was attacked, the type of the attack and the IP it came from, etc. This information shall allow you to decide what measures you can take to increase the safety of your Internet sites, for instance blocking IPs or carrying out script and plugin updates. The ModSecurity rules that we use are updated constantly with a commercial pack from a third-party security firm we work with, but from time to time our admins include their own rules too in case they find a new potential threat.