ModSecurity is a plugin for Apache web servers that functions as a web application layer firewall. It's used to stop attacks towards script-driven Internet sites by employing security rules which contain particular expressions. In this way, the firewall can stop hacking and spamming attempts and protect even websites which aren't updated regularly. For example, multiple unsuccessful login attempts to a script admin area or attempts to execute a certain file with the objective to get access to the script shall trigger particular rules, so ModSecurity will block out these activities the instant it detects them. The firewall is very efficient because it screens the entire HTTP traffic to a website in real time without slowing it down, so it can easily prevent an attack before any harm is done. It also maintains a very thorough log of all attack attempts that includes more information than typical Apache logs, so you could later analyze the data and take further measures to improve the security of your websites if required.

ModSecurity in Cloud Hosting

ModSecurity comes standard with all cloud hosting solutions that we offer and it will be turned on automatically for any domain or subdomain which you add/create in your Hepsia hosting Control Panel. The firewall has 3 different modes, so you could activate and disable it with simply a mouse click or set it to detection mode, so it'll keep a log of all attacks, but it will not do anything to stop them. The log for each of your Internet sites shall include elaborate information such as the nature of the attack, where it came from, what action was taken by ModSecurity, etc. The firewall rules which we use are frequently updated and include both commercial ones we get from a third-party security firm and custom ones that our system administrators include in the event that they detect a new kind of attacks. This way, the sites that you host here will be much more protected without any action expected on your end.

ModSecurity in Semi-dedicated Servers

We've included ModSecurity as a standard within all semi-dedicated server products, so your web applications will be protected as soon as you set them up under any domain or subdomain. The Hepsia Control Panel that is included with the semi-dedicated accounts shall permit you to switch on or disable the firewall for any website with a click. You'll also be able to turn on a passive detection mode with which ModSecurity shall keep a log of possible attacks without actually preventing them. The thorough logs include things like the nature of the attack and what ModSecurity response that attack initiated, where it came from, and so forth. The list of rules we use is regularly updated as to match any new threats which may appear on the Internet and it includes both commercial rules that we get from a security company and custom-written ones that our administrators include in case they find a threat that is not present inside the commercial list yet.

ModSecurity in VPS Servers

Protection is essential to us, so we set up ModSecurity on all VPS servers that are set up with the Hepsia CP by default. The firewall could be managed through a dedicated section in Hepsia and is turned on automatically when you add a new domain or create a subdomain, so you will not need to do anything personally. You shall also be able to deactivate it or turn on the so-called detection mode, so it will keep a log of possible attacks which you can later examine, but won't stop them. The logs in both passive and active modes include details regarding the form of the attack and how it was eliminated, what IP it came from and other important info that could help you to tighten the security of your sites by updating them or blocking IPs, as an example. On top of the commercial rules that we get for ModSecurity from a third-party security enterprise, we also employ our own rules since once in a while we identify specific attacks which aren't yet present within the commercial group. That way, we could boost the security of your Virtual private server instantly as opposed to awaiting an official update.

ModSecurity in Dedicated Servers

ModSecurity is provided as standard with all dedicated servers that are set up with the Hepsia CP and is set to “Active” automatically for any domain which you host or subdomain which you create on the web server. In the event that a web application doesn't function correctly, you can either turn off the firewall or set it to operate in passive mode. The latter means that ModSecurity shall maintain a log of any possible attack which may occur, but won't take any action to prevent it. The logs created in passive or active mode shall offer you additional details about the exact file which was attacked, the type of the attack and the IP it came from, and so on. This information shall enable you to choose what measures you can take to boost the security of your sites, such as blocking IPs or performing script and plugin updates. The ModSecurity rules which we use are updated constantly with a commercial bundle from a third-party security provider we work with, but oftentimes our staff include their own rules as well in the event that they identify a new potential threat.