ModSecurity is a plugin for Apache web servers which functions as a web application layer firewall. It's employed to stop attacks toward script-driven Internet sites by employing security rules which contain certain expressions. In this way, the firewall can block hacking and spamming attempts and protect even websites that are not updated often. For instance, multiple unsuccessful login attempts to a script administrator area or attempts to execute a specific file with the objective to get access to the script will trigger particular rules, so ModSecurity shall block out these activities the instant it identifies them. The firewall is extremely efficient as it tracks the whole HTTP traffic to a website in real time without slowing it down, so it could stop an attack before any harm is done. It additionally maintains a very detailed log of all attack attempts that includes more information than standard Apache logs, so you can later analyze the data and take additional measures to enhance the security of your Internet sites if needed.

ModSecurity in Shared Website Hosting

ModSecurity is provided with all shared website hosting machines, so when you choose to host your websites with our organization, they'll be protected against an array of attacks. The firewall is turned on by default for all domains and subdomains, so there'll be nothing you'll have to do on your end. You shall be able to stop ModSecurity for any site if needed, or to enable a detection mode, so that all activity will be recorded, but the firewall won't take any real action. You shall be able to view detailed logs using your Hepsia CP including the IP address where the attack originated from, what the attacker wished to do and how ModSecurity dealt with the threat. Since we take the protection of our clients' websites very seriously, we use a set of commercial rules which we get from one of the leading firms that maintain this sort of rules. Our admins also add custom rules to ensure that your sites shall be protected against as many risks as possible.

ModSecurity in Semi-dedicated Servers

ModSecurity is a part of our semi-dedicated server solutions and if you decide to host your websites with our company, there will not be anything special you will have to do as the firewall is activated by default for all domains and subdomains that you include through your hosting CP. If required, you'll be able to disable ModSecurity for a given website or enable the so-called detection mode in which case the firewall shall still work and record data, but won't do anything to stop possible attacks on your Internet sites. Detailed logs shall be available in your CP and you will be able to see which kind of attacks happened, what security rules were triggered and how the firewall dealt with the threats, what Internet protocol addresses the attacks originated from, and so on. We employ two kinds of rules on our servers - commercial ones from an organization which operates in the field of web security, and custom made ones that our administrators sometimes add to respond to newly found threats in a timely manner.

ModSecurity in VPS Servers

Safety is of the utmost importance to us, so we install ModSecurity on all VPS servers that are made available with the Hepsia Control Panel as a standard. The firewall can be managed through a dedicated section in Hepsia and is turned on automatically when you add a new domain or create a subdomain, so you'll not need to do anything personally. You'll also be able to deactivate it or turn on the so-called detection mode, so it will keep a log of potential attacks you can later examine, but won't stop them. The logs in both passive and active modes offer information about the kind of the attack and how it was prevented, what IP address it came from and other valuable data that could help you to tighten the security of your websites by updating them or blocking IPs, as an example. Besides the commercial rules that we get for ModSecurity from a third-party security company, we also use our own rules as from time to time we detect specific attacks that are not yet present in the commercial pack. This way, we can easily increase the security of your VPS instantly as opposed to waiting for an official update.

ModSecurity in Dedicated Servers

All of our dedicated servers that are set up with the Hepsia hosting Control Panel come with ModSecurity, so any application you upload or install will be secured from the very beginning and you'll not need to concern yourself with common attacks or vulnerabilities. An individual section within Hepsia will allow you to start or stop the firewall for any domain or subdomain, or switch on a detection mode so that it records details about intrusions, but doesn't take actions to prevent them. What you will see in the logs can easily help you to secure your sites better - the IP address an attack originated from, what website was attacked as well as how, what ModSecurity rule was triggered, etcetera. With this data, you'll be able to see if a website needs an update, if you should block IPs from accessing your web server, and so forth. On top of the third-party commercial security rules for ModSecurity we use, our admins add custom ones as well when they come across a new threat that's not yet a part of the commercial bundle.