ModSecurity is a plugin for Apache web servers which functions as a web application layer firewall. It's employed to prevent attacks against script-driven Internet sites by using security rules which contain particular expressions. In this way, the firewall can stop hacking and spamming attempts and preserve even sites which are not updated regularly. For instance, numerous failed login attempts to a script administrator area or attempts to execute a certain file with the intention to get access to the script shall trigger certain rules, so ModSecurity will block out these activities the moment it discovers them. The firewall is incredibly efficient as it tracks the entire HTTP traffic to an Internet site in real time without slowing it down, so it will be able to stop an attack before any harm is done. It furthermore keeps an exceptionally detailed log of all attack attempts which features more info than traditional Apache logs, so you could later analyze the data and take additional measures to improve the security of your sites if necessary.

ModSecurity in Cloud Hosting

ModSecurity is offered with every single cloud hosting solution that we offer and it's turned on by default for every domain or subdomain that you add via your Hepsia Control Panel. In case it interferes with any of your programs or you'd like to disable it for whatever reason, you will be able to do that through the ModSecurity section of Hepsia with merely a mouse click. You could also enable a passive mode, so the firewall will identify possible attacks and maintain a log, but won't take any action. You can view extensive logs in the very same section, including the IP where the attack originated from, what precisely the attacker attempted to do and at what time, what ModSecurity did, etcetera. For max security of our customers we use a group of commercial firewall rules mixed with custom ones which are provided by our system admins.

ModSecurity in Semi-dedicated Servers

ModSecurity is a part of our semi-dedicated server plans and if you opt to host your sites with our company, there won't be anything special you'll need to do given that the firewall is turned on by default for all domains and subdomains you include through your hosting CP. If required, you could disable ModSecurity for a certain Internet site or activate the so-called detection mode in which case the firewall will still work and record info, but shall not do anything to stop potential attacks against your sites. In depth logs shall be readily available within your CP and you'll be able to see which kind of attacks occurred, what security rules were triggered and how the firewall handled the threats, what IP addresses the attacks originated from, etcetera. We use 2 kinds of rules on our servers - commercial ones from a firm that operates in the field of web security, and custom made ones which our administrators often include to respond to newly identified risks promptly.

ModSecurity in VPS Servers

Protection is very important to us, so we set up ModSecurity on all VPS servers that are made available with the Hepsia CP as a standard. The firewall can be managed via a dedicated section inside Hepsia and is activated automatically when you include a new domain or create a subdomain, so you won't need to do anything manually. You will also be able to disable it or activate the so-called detection mode, so it'll keep a log of possible attacks you can later analyze, but will not prevent them. The logs in both passive and active modes contain details about the type of the attack and how it was stopped, what IP it originated from and other useful data that could help you to tighten the security of your websites by updating them or blocking IPs, as an example. Besides the commercial rules that we get for ModSecurity from a third-party security company, we also employ our own rules as once in a while we detect specific attacks which are not yet present inside the commercial pack. This way, we can increase the protection of your VPS promptly instead of waiting for a certified update.

ModSecurity in Dedicated Servers

All our dedicated servers which are set up with the Hepsia hosting Control Panel come with ModSecurity, so any program which you upload or set up will be properly secured from the very beginning and you won't need to bother about common attacks or vulnerabilities. An independent section in Hepsia will allow you to start or stop the firewall for each and every domain or subdomain, or switch on a detection mode so that it records information regarding intrusions, but doesn't take actions to stop them. What you'll find in the logs can help you to secure your Internet sites better - the IP an attack came from, what site was attacked and in what way, what ModSecurity rule was triggered, and so forth. With this information, you'll be able to see whether a website needs an update, if you ought to block IPs from accessing your hosting server, etc. Besides the third-party commercial security rules for ModSecurity which we use, our admins include custom ones as well if they discover a new threat that's not yet included in the commercial bundle.