ModSecurity is a plugin for Apache web servers which acts as a web application layer firewall. It's employed to prevent attacks against script-driven Internet sites through the use of security rules that contain particular expressions. This way, the firewall can prevent hacking and spamming attempts and preserve even sites which aren't updated frequently. As an example, a number of unsuccessful login attempts to a script admin area or attempts to execute a particular file with the purpose to get access to the script shall trigger particular rules, so ModSecurity will block these activities the instant it identifies them. The firewall is very efficient because it monitors the whole HTTP traffic to a website in real time without slowing it down, so it can stop an attack before any harm is done. It additionally keeps a very detailed log of all attack attempts which includes more information than typical Apache logs, so you can later analyze the data and take further measures to improve the security of your sites if needed.

ModSecurity in Cloud Hosting

ModSecurity comes by default with all cloud hosting plans that we supply and it'll be switched on automatically for any domain or subdomain which you add/create within your Hepsia hosting CP. The firewall has 3 different modes, so you can activate and deactivate it with simply a click or set it to detection mode, so it will maintain a log of all attacks, but it shall not do anything to stop them. The log for any of your sites will feature comprehensive information which includes the nature of the attack, where it came from, what action was taken by ModSecurity, etc. The firewall rules which we use are regularly updated and incorporate both commercial ones that we get from a third-party security company and custom ones our system administrators include in the event that they detect a new sort of attacks. In this way, the websites you host here shall be far more protected with no action required on your end.

ModSecurity in Semi-dedicated Servers

We have integrated ModSecurity by default within all semi-dedicated server packages, so your web apps will be protected whenever you set them up under any domain or subdomain. The Hepsia CP that comes with the semi-dedicated accounts shall permit you to switch on or turn off the firewall for any website with a click. You shall also have the ability to switch on a passive detection mode through which ModSecurity shall keep a log of potential attacks without really preventing them. The detailed logs include the nature of the attack and what ModSecurity response that attack caused, where it came from, and so forth. The list of rules that we employ is constantly updated as to match any new threats which might appear on the Internet and it consists of both commercial rules that we get from a security firm and custom-written ones that our administrators include in case they discover a threat that's not present within the commercial list yet.

ModSecurity in Dedicated Servers

ModSecurity is included with all dedicated servers which are integrated with our Hepsia CP and you will not need to do anything specific on your end to use it since it is activated by default each time you include a new domain or subdomain on your server. In case it interferes with any of your apps, you'll be able to stop it via the respective part of Hepsia, or you can leave it operating in passive mode, so it'll detect attacks and will still maintain a log for them, but won't block them. You could look at the logs later to learn what you can do to enhance the safety of your Internet sites as you shall find info such as where an intrusion attempt came from, what site was attacked and in accordance with what rule ModSecurity responded, etc. The rules we employ are commercial, therefore they're regularly updated by a security firm, but to be on the safe side, our admins also include custom rules occasionally as to deal with any new threats they have found.