ModSecurity is a plugin for Apache web servers which acts as a web application layer firewall. It's used to prevent attacks towards script-driven websites through the use of security rules which contain certain expressions. In this way, the firewall can prevent hacking and spamming attempts and protect even Internet sites which aren't updated on a regular basis. As an example, numerous unsuccessful login attempts to a script administrative area or attempts to execute a certain file with the intention to get access to the script shall trigger particular rules, so ModSecurity shall block out these activities the second it discovers them. The firewall is extremely efficient since it tracks the entire HTTP traffic to an Internet site in real time without slowing it down, so it could prevent an attack before any harm is done. It additionally keeps an exceptionally detailed log of all attack attempts which features more info than traditional Apache logs, so you can later check out the data and take further measures to boost the security of your Internet sites if needed.

ModSecurity in Cloud Hosting

ModSecurity comes by default with all cloud hosting packages that we offer and it shall be switched on automatically for any domain or subdomain you add/create inside your Hepsia hosting Control Panel. The firewall has 3 different modes, so you'll be able to activate and deactivate it with just a mouse click or set it to detection mode, so it'll keep a log of all attacks, but it'll not do anything to stop them. The log for any of your websites will include detailed information which includes the nature of the attack, where it originated from, what action was taken by ModSecurity, etcetera. The firewall rules we use are regularly updated and comprise of both commercial ones which we get from a third-party security business and custom ones that our system admins include in case that they detect a new kind of attacks. That way, the sites that you host here shall be far more secure with no action required on your end.

ModSecurity in Semi-dedicated Servers

Any web application you set up in your new semi-dedicated server account shall be protected by ModSecurity since the firewall is provided with all our hosting plans and is activated by default for any domain and subdomain you add or create via your Hepsia hosting Control Panel. You'll be able to manage ModSecurity via a dedicated section within Hepsia where not only could you activate or deactivate it completely, but you can also switch on a passive mode, so the firewall won't block anything, but it shall still keep a record of possible attacks. This normally requires simply a mouse click and you shall be able to see the logs no matter if ModSecurity is in passive or active mode through the same section - what the attack was and where it came from, how it was addressed, etcetera. The firewall employs 2 sets of rules on our web servers - a commercial one which we get from a third-party web security provider and a custom one which our administrators update personally as to respond to recently discovered threats as soon as possible.

ModSecurity in VPS Servers

Security is vital to us, so we set up ModSecurity on all VPS servers which are set up with the Hepsia CP by default. The firewall could be managed via a dedicated section in Hepsia and is turned on automatically when you add a new domain or generate a subdomain, so you will not need to do anything personally. You shall also be able to deactivate it or activate the so-called detection mode, so it'll maintain a log of potential attacks which you can later study, but won't prevent them. The logs in both passive and active modes include info regarding the form of the attack and how it was stopped, what IP it came from and other valuable information which could help you to tighten the security of your sites by updating them or blocking IPs, as an example. In addition to the commercial rules we get for ModSecurity from a third-party security company, we also use our own rules since from time to time we discover specific attacks that are not yet present in the commercial package. This way, we can easily boost the protection of your Virtual private server immediately instead of awaiting an official update.

ModSecurity in Dedicated Servers

All of our dedicated servers that are installed with the Hepsia hosting CP include ModSecurity, so any program which you upload or install shall be properly secured from the very beginning and you will not have to stress about common attacks or vulnerabilities. An individual section inside Hepsia will permit you to start or stop the firewall for each domain or subdomain, or turn on a detection mode so that it records information regarding intrusions, but doesn't take actions to prevent them. What you shall find in the logs can easily enable you to to secure your sites better - the IP address an attack came from, what site was attacked as well as how, what ModSecurity rule was triggered, etc. With this information, you could see if an Internet site needs an update, if you need to block IPs from accessing your web server, etc. Aside from the third-party commercial security rules for ModSecurity we use, our admins include custom ones as well whenever they discover a new threat that is not yet a part of the commercial bundle.