ModSecurity is a plugin for Apache web servers which acts as a web application layer firewall. It is used to stop attacks against script-driven Internet sites by using security rules that contain specific expressions. That way, the firewall can prevent hacking and spamming attempts and protect even sites which are not updated often. As an example, numerous unsuccessful login attempts to a script admin area or attempts to execute a particular file with the objective to get access to the script shall trigger certain rules, so ModSecurity will block out these activities the second it detects them. The firewall is incredibly efficient since it tracks the entire HTTP traffic to a site in real time without slowing it down, so it will be able to stop an attack before any harm is done. It furthermore keeps a very detailed log of all attack attempts which contains more information than traditional Apache logs, so you can later analyze the data and take extra measures to boost the security of your sites if necessary.

ModSecurity in Shared Hosting

ModSecurity comes standard with all shared hosting plans which we offer and it shall be activated automatically for any domain or subdomain that you add/create within your Hepsia hosting CP. The firewall has three different modes, so you can switch on and disable it with only a click or set it to detection mode, so it will keep a log of all attacks, but it'll not do anything to prevent them. The log for each of your websites shall include in-depth information such as the nature of the attack, where it originated from, what action was taken by ModSecurity, etc. The firewall rules that we use are regularly updated and consist of both commercial ones which we get from a third-party security company and custom ones that our system administrators include in the event that they detect a new sort of attacks. In this way, the sites which you host here will be much more secure without any action needed on your end.

ModSecurity in Semi-dedicated Servers

All semi-dedicated server plans that we offer include ModSecurity and since the firewall is turned on by default, any website you create under a domain or a subdomain will be secured immediately. An individual section in the Hepsia CP which comes with the semi-dedicated accounts is dedicated to ModSecurity and it'll enable you to start and stop the firewall for any website or switch on a detection mode. With the last option, ModSecurity will not take any action, but it'll still recognize possible attacks and shall keep all data within a log as if it were fully active. The logs can be found in the same section of the CP and they feature info about the IP where an attack originated from, what its nature was, what rule ModSecurity applies to recognize and stop it, and so forth. The security rules we use on our machines are a mix between commercial ones from a security company and custom ones created by our system administrators. Therefore, we offer higher security for your web apps as we can shield them from attacks even before security businesses release updates for brand new threats.

ModSecurity in VPS Servers

ModSecurity is included with all Hepsia-based VPS servers we offer and it shall be activated automatically for any new domain or subdomain you include on the hosting server. This way, any web app that you install will be secured immediately without doing anything personally on your end. The firewall could be managed through the section of the CP that bears the same name. This is the place in whichyou'll be able to disable ModSecurity or enable its passive mode, so it will not take any action toward threats, but shall still keep a detailed log. The recorded information is available inside the same area as well and you shall be able to see what IPs any attacks originated from to enable you to block them, what the nature of the attempted attacks was and based upon what security rules ModSecurity reacted. The rules that we use on our servers are a mix between commercial ones that we obtain from a security company and custom ones that are included by our staff to maximize the protection of any web applications hosted on our end.

ModSecurity in Dedicated Servers

ModSecurity is offered by default with all dedicated servers that are set up with the Hepsia Control Panel and is set to “Active” automatically for any domain which you host or subdomain you create on the hosting server. In case that a web app does not work correctly, you can either turn off the firewall or set it to function in passive mode. The latter means that ModSecurity shall maintain a log of any potential attack that could happen, but will not take any action to prevent it. The logs generated in active or passive mode shall give you more details about the exact file that was attacked, the type of the attack and the IP it originated from, and so forth. This data will enable you to determine what steps you can take to enhance the protection of your sites, for instance blocking IPs or carrying out script and plugin updates. The ModSecurity rules we use are updated regularly with a commercial pack from a third-party security firm we work with, but occasionally our administrators include their own rules as well if they come across a new potential threat.