ModSecurity is a plugin for Apache web servers which acts as a web app layer firewall. It's employed to prevent attacks towards script-driven sites by using security rules which contain specific expressions. That way, the firewall can prevent hacking and spamming attempts and shield even websites which aren't updated regularly. As an example, numerous unsuccessful login attempts to a script administrative area or attempts to execute a particular file with the objective to get access to the script will trigger specific rules, so ModSecurity shall block out these activities the moment it identifies them. The firewall is quite efficient because it tracks the entire HTTP traffic to a site in real time without slowing it down, so it could prevent an attack before any damage is done. It additionally keeps a very thorough log of all attack attempts which contains more info than standard Apache logs, so you can later analyze the data and take extra measures to enhance the security of your Internet sites if required.

ModSecurity in Cloud Hosting

ModSecurity can be found with every cloud hosting solution that we provide and it is activated by default for any domain or subdomain that you add through your Hepsia Control Panel. If it disrupts any of your applications or you would like to disable it for any reason, you shall be able to accomplish that through the ModSecurity area of Hepsia with simply a mouse click. You may also enable a passive mode, so the firewall will detect potential attacks and keep a log, but shall not take any action. You'll be able to view comprehensive logs in the exact same section, including the IP where the attack originated from, what exactly the attacker tried to do and at what time, what ModSecurity did, and so forth. For optimum safety of our customers we use a set of commercial firewall rules mixed with custom ones which are included by our system admins.

ModSecurity in Semi-dedicated Hosting

We have integrated ModSecurity by default within all semi-dedicated hosting packages, so your web apps will be protected as soon as you set them up under any domain or subdomain. The Hepsia Control Panel that is included with the semi-dedicated accounts shall allow you to enable or disable the firewall for any Internet site with a mouse click. You will also be able to activate a passive detection mode through which ModSecurity shall maintain a log of possible attacks without actually stopping them. The detailed logs contain the nature of the attack and what ModSecurity response that attack caused, where it originated from, etc. The list of rules which we employ is constantly updated in order to match any new risks that could appear on the Internet and it comes with both commercial rules that we get from a security corporation and custom-written ones which our administrators include in case they find a threat that is not present inside the commercial list yet.

ModSecurity in VPS Hosting

Security is of the utmost importance to us, so we set up ModSecurity on all virtual private servers which are provided with the Hepsia CP as a standard. The firewall could be managed through a dedicated section within Hepsia and is turned on automatically when you add a new domain or generate a subdomain, so you will not have to do anything manually. You will also be able to disable it or turn on the so-called detection mode, so it will keep a log of potential attacks that you can later examine, but won't block them. The logs in both passive and active modes contain details regarding the type of the attack and how it was prevented, what IP it originated from and other important info which might help you to tighten the security of your websites by updating them or blocking IPs, for instance. On top of the commercial rules which we get for ModSecurity from a third-party security firm, we also employ our own rules since from time to time we identify specific attacks that aren't yet present within the commercial pack. This way, we could boost the protection of your VPS immediately instead of waiting for a certified update.

ModSecurity in Dedicated Web Hosting

When you decide to host your websites on a dedicated server with the Hepsia Control Panel, your web applications will be protected right away because ModSecurity is available with all Hepsia-based plans. You shall be able to manage the firewall easily and if necessary, you shall be able to turn it off or enable its passive mode when it shall only keep a log of what is occurring without taking any action to prevent potential attacks. The logs that you can find in the very same section of the Control Panel are very detailed and contain details about the attacker IP, what website and file were attacked and in what ways, what rule the firewall employed to stop the intrusion, etc. This data shall allow you to take measures and boost the security of your websites even more. To be on the safe side, we use not just commercial rules, but also custom-made ones that our admins add every time they detect attacks which haven't yet been included inside the commercial pack.