ModSecurity is a plugin for Apache web servers that acts as a web application layer firewall. It's used to stop attacks toward script-driven sites by using security rules which contain certain expressions. In this way, the firewall can stop hacking and spamming attempts and preserve even sites that are not updated frequently. For example, numerous failed login attempts to a script administrator area or attempts to execute a specific file with the intention to get access to the script will trigger certain rules, so ModSecurity will block out these activities the minute it detects them. The firewall is extremely efficient since it tracks the entire HTTP traffic to a website in real time without slowing it down, so it can prevent an attack before any harm is done. It also maintains an incredibly detailed log of all attack attempts which includes more info than standard Apache logs, so you can later analyze the data and take further measures to increase the security of your sites if necessary.

ModSecurity in Web Hosting

ModSecurity is offered with each and every web hosting package that we offer and it is turned on by default for any domain or subdomain which you include through your Hepsia CP. If it disrupts any of your programs or you'd like to disable it for some reason, you shall be able to do this through the ModSecurity section of Hepsia with merely a mouse click. You could also enable a passive mode, so the firewall will discover possible attacks and maintain a log, but won't take any action. You could view comprehensive logs in the very same section, including the IP where the attack originated from, what precisely the attacker tried to do and at what time, what ModSecurity did, and so on. For maximum safety of our clients we use a collection of commercial firewall rules blended with custom ones that are provided by our system admins.

ModSecurity in Semi-dedicated Hosting

We have incorporated ModSecurity as a standard in all semi-dedicated hosting packages, so your web apps shall be protected the instant you set them up under any domain or subdomain. The Hepsia CP that is included with the semi-dedicated accounts will allow you to activate or turn off the firewall for any site with a mouse click. You'll also be able to turn on a passive detection mode with which ModSecurity shall keep a log of possible attacks without actually preventing them. The detailed logs include the nature of the attack and what ModSecurity response this attack activated, where it originated from, and so on. The list of rules that we use is constantly updated in order to match any new threats that could appear on the Internet and it features both commercial rules that we get from a security firm and custom-written ones that our admins add if they discover a threat that's not present inside the commercial list yet.

ModSecurity in VPS

All virtual private servers that are provided with the Hepsia CP include ModSecurity. The firewall is set up and turned on by default for all domains that are hosted on the machine, so there will not be anything special that you shall have to do to protect your websites. It'll take you simply a mouse click to stop ModSecurity if needed or to activate its passive mode so that it records what occurs without taking any actions to stop intrusions. You will be able to view the logs generated in active or passive mode via the corresponding section of Hepsia and find out more about the form of the attack, where it came from, what rule the firewall used to take care of it, etc. We use a mix of commercial and custom rules in order to make certain that ModSecurity shall block out as many risks as possible, therefore improving the protection of your web applications as much as possible.

ModSecurity in Dedicated Hosting

When you choose to host your Internet sites on a dedicated server with the Hepsia CP, your web apps will be secured right away because ModSecurity is available with all Hepsia-based packages. You will be able to control the firewall without difficulty and if needed, you will be able to turn it off or enable its passive mode when it shall only maintain a log of what's taking place without taking any action to prevent possible attacks. The logs that you'll find inside the exact same section of the Control Panel are very detailed and include data about the attacker IP address, what website and file were attacked and in what way, what rule the firewall used to stop the intrusion, and so forth. This info will permit you to take measures and improve the protection of your Internet sites even more. To be on the safe side, we use not only commercial rules, but also custom-made ones which our administrators add every time they identify attacks which have not yet been included in the commercial pack.