ModSecurity is a plugin for Apache web servers which acts as a web application layer firewall. It's employed to stop attacks towards script-driven Internet sites by using security rules that contain certain expressions. This way, the firewall can block hacking and spamming attempts and shield even Internet sites which are not updated often. As an example, a number of unsuccessful login attempts to a script administrative area or attempts to execute a specific file with the objective to get access to the script will trigger specific rules, so ModSecurity shall stop these activities the minute it discovers them. The firewall is quite efficient since it monitors the whole HTTP traffic to a site in real time without slowing it down, so it can easily stop an attack before any harm is done. It furthermore keeps a very detailed log of all attack attempts that includes more information than conventional Apache logs, so you can later check out the data and take extra measures to increase the security of your websites if necessary.

ModSecurity in Hosting

ModSecurity is available with each hosting plan which we provide and it is activated by default for any domain or subdomain that you include through your Hepsia Control Panel. In case it interferes with any of your applications or you would like to disable it for whatever reason, you will be able to do that through the ModSecurity section of Hepsia with merely a click. You can also enable a passive mode, so the firewall will discover possible attacks and maintain a log, but won't take any action. You'll be able to see extensive logs in the exact same section, including the IP where the attack came from, what exactly the attacker aimed to do and at what time, what ModSecurity did, and so on. For optimum protection of our clients we use a collection of commercial firewall rules mixed with custom ones which are added by our system admins.

ModSecurity in Semi-dedicated Servers

All semi-dedicated server solutions that we offer include ModSecurity and because the firewall is enabled by default, any website that you create under a domain or a subdomain shall be protected immediately. A separate section inside the Hepsia CP which comes with the semi-dedicated accounts is devoted to ModSecurity and it'll allow you to start and stop the firewall for any Internet site or switch on a detection mode. With the latter, ModSecurity won't take any action, but it'll still recognize possible attacks and shall keep all info inside a log as if it were completely active. The logs can be found inside the same section of the Control Panel and they feature info about the IP where an attack came from, what its nature was, what rule ModSecurity applies to recognize and stop it, and so forth. The security rules which we use on our servers are a mix of commercial ones from a security firm and custom ones made by our system administrators. Consequently, we provide increased security for your web applications as we can protect them from attacks before security companies release updates for brand new threats.

ModSecurity in VPS Servers

Protection is essential to us, so we set up ModSecurity on all VPS servers that are set up with the Hepsia Control Panel as a standard. The firewall can be managed through a dedicated section within Hepsia and is turned on automatically when you add a new domain or create a subdomain, so you'll not need to do anything manually. You will also be able to disable it or switch on the so-called detection mode, so it will keep a log of possible attacks that you can later examine, but won't prevent them. The logs in both passive and active modes contain details about the kind of the attack and how it was eliminated, what IP it came from and other useful data which could help you to tighten the security of your sites by updating them or blocking IPs, for instance. In addition to the commercial rules we get for ModSecurity from a third-party security firm, we also use our own rules because occasionally we find specific attacks that are not yet present in the commercial group. That way, we can boost the protection of your Virtual private server right away instead of waiting for a certified update.

ModSecurity in Dedicated Servers

When you choose to host your websites on a dedicated server with the Hepsia CP, your web applications will be secured immediately because ModSecurity is available with all Hepsia-based plans. You will be able to manage the firewall easily and if necessary, you will be able to turn it off or enable its passive mode when it shall only keep a log of what is taking place without taking any action to stop potential attacks. The logs which you can find inside the exact same section of the CP are incredibly detailed and feature information about the attacker IP, what website and file were attacked and in what ways, what rule the firewall employed to prevent the intrusion, etcetera. This information will allow you to take measures and enhance the protection of your Internet sites even more. To be on the safe side, we employ not only commercial rules, but also custom-made ones which our admins include when they detect attacks which have not yet been included inside the commercial pack.