ModSecurity is a plugin for Apache web servers which acts as a web application layer firewall. It's used to stop attacks towards script-driven sites by using security rules which contain certain expressions. That way, the firewall can stop hacking and spamming attempts and preserve even websites which are not updated on a regular basis. For instance, multiple failed login attempts to a script administrator area or attempts to execute a specific file with the objective to get access to the script will trigger specific rules, so ModSecurity will block out these activities the second it detects them. The firewall is quite efficient because it monitors the whole HTTP traffic to a site in real time without slowing it down, so it could prevent an attack before any harm is done. It furthermore keeps an incredibly comprehensive log of all attack attempts that features more info than traditional Apache logs, so you can later check out the data and take further measures to enhance the security of your Internet sites if needed.

ModSecurity in Hosting

ModSecurity is offered with each hosting solution that we offer and it's switched on by default for every domain or subdomain that you add via your Hepsia CP. In case it interferes with any of your apps or you'd like to disable it for whatever reason, you'll be able to do that through the ModSecurity section of Hepsia with only a click. You can also activate a passive mode, so the firewall will identify potential attacks and maintain a log, but won't take any action. You could view extensive logs in the very same section, including the IP where the attack came from, what exactly the attacker attempted to do and at what time, what ModSecurity did, etcetera. For max protection of our customers we use a group of commercial firewall rules combined with custom ones which are added by our system administrators.

ModSecurity in Semi-dedicated Servers

We've included ModSecurity by default inside all semi-dedicated server products, so your web apps shall be protected the instant you install them under any domain or subdomain. The Hepsia CP that comes with the semi-dedicated accounts shall allow you to enable or turn off the firewall for any website with a click. You will also have the ability to turn on a passive detection mode with which ModSecurity will keep a log of possible attacks without actually preventing them. The detailed logs contain the nature of the attack and what ModSecurity response that attack initiated, where it originated from, etc. The list of rules that we employ is frequently updated as to match any new risks which might appear on the Internet and it consists of both commercial rules that we get from a security firm and custom-written ones which our administrators include in case they find a threat which is not present within the commercial list yet.

ModSecurity in VPS Servers

All VPS servers that are set up with the Hepsia CP feature ModSecurity. The firewall is installed and activated by default for all domains which are hosted on the server, so there shall not be anything special which you will have to do to protect your Internet sites. It will take you just a mouse click to stop ModSecurity if necessary or to turn on its passive mode so that it records what happens without taking any actions to stop intrusions. You shall be able to view the logs generated in active or passive mode from the corresponding section of Hepsia and find out more about the form of the attack, where it originated from, what rule the firewall employed to take care of it, and so forth. We employ a combination of commercial and custom rules so as to ensure that ModSecurity will prevent as many risks as possible, consequently boosting the security of your web applications as much as possible.

ModSecurity in Dedicated Servers

ModSecurity is provided with all dedicated servers which are integrated with our Hepsia Control Panel and you'll not need to do anything specific on your end to employ it as it is activated by default every time you include a new domain or subdomain on your web server. If it disrupts some of your programs, you'll be able to stop it through the respective part of Hepsia, or you can leave it working in passive mode, so it shall identify attacks and will still maintain a log for them, but shall not block them. You could analyze the logs later to find out what you can do to boost the protection of your websites as you shall find information such as where an intrusion attempt came from, what website was attacked and based on what rule ModSecurity reacted, and so on. The rules which we employ are commercial, therefore they are regularly updated by a security company, but to be on the safe side, our admins also include custom rules occasionally in order to deal with any new threats they have found.