ModSecurity is a plugin for Apache web servers which acts as a web app layer firewall. It is employed to prevent attacks against script-driven sites through the use of security rules which contain particular expressions. This way, the firewall can block hacking and spamming attempts and shield even websites that aren't updated regularly. As an example, several failed login attempts to a script administrator area or attempts to execute a specific file with the intention to get access to the script will trigger specific rules, so ModSecurity will stop these activities the minute it identifies them. The firewall is extremely efficient because it monitors the whole HTTP traffic to an Internet site in real time without slowing it down, so it could stop an attack before any damage is done. It furthermore maintains a very thorough log of all attack attempts which contains more info than standard Apache logs, so you could later analyze the data and take further measures to increase the security of your Internet sites if needed.

ModSecurity in Website Hosting

ModSecurity is offered with every single website hosting solution that we provide and it's turned on by default for every domain or subdomain which you include through your Hepsia Control Panel. If it disrupts any of your programs or you would like to disable it for whatever reason, you shall be able to achieve that through the ModSecurity area of Hepsia with simply a click. You can also use a passive mode, so the firewall will identify potential attacks and maintain a log, but will not take any action. You'll be able to view extensive logs in the exact same section, including the IP address where the attack came from, exactly what the attacker tried to do and at what time, what ModSecurity did, etcetera. For max safety of our clients we use a group of commercial firewall rules blended with custom ones that are included by our system admins.

ModSecurity in Semi-dedicated Hosting

We've incorporated ModSecurity as a standard within all semi-dedicated hosting packages, so your web applications will be protected as soon as you set them up under any domain or subdomain. The Hepsia CP that is included with the semi-dedicated accounts will allow you to switch on or disable the firewall for any Internet site with a mouse click. You will also have the ability to activate a passive detection mode with which ModSecurity will maintain a log of possible attacks without really stopping them. The comprehensive logs include the nature of the attack and what ModSecurity response that attack triggered, where it originated from, etc. The list of rules we employ is regularly updated as to match any new risks that could appear on the Internet and it includes both commercial rules that we get from a security firm and custom-written ones that our administrators add in case they discover a threat that is not present within the commercial list yet.

ModSecurity in Dedicated Web Hosting

ModSecurity is provided with all dedicated servers which are set up with our Hepsia CP and you'll not need to do anything specific on your end to use it since it's turned on by default whenever you include a new domain or subdomain on your server. If it interferes with some of your apps, you'll be able to stop it through the respective section of Hepsia, or you can leave it in passive mode, so it will identify attacks and shall still maintain a log for them, but shall not prevent them. You can analyze the logs later to learn what you can do to increase the protection of your websites as you'll find details such as where an intrusion attempt came from, what site was attacked and in accordance with what rule ModSecurity reacted, etcetera. The rules we employ are commercial, therefore they're constantly updated by a security provider, but to be on the safe side, our administrators also add custom rules once in a while in order to respond to any new threats they have identified.