ModSecurity is a plugin for Apache web servers which acts as a web app layer firewall. It is employed to prevent attacks toward script-driven Internet sites by employing security rules that contain certain expressions. That way, the firewall can block hacking and spamming attempts and preserve even Internet sites which aren't updated on a regular basis. As an example, a number of unsuccessful login attempts to a script administrative area or attempts to execute a particular file with the purpose to get access to the script shall trigger certain rules, so ModSecurity shall block these activities the minute it identifies them. The firewall is quite efficient as it tracks the whole HTTP traffic to a website in real time without slowing it down, so it will be able to stop an attack before any damage is done. It additionally keeps an incredibly comprehensive log of all attack attempts which contains more information than traditional Apache logs, so you can later examine the data and take further measures to improve the security of your sites if necessary.

ModSecurity in Web Hosting

ModSecurity is offered with each and every web hosting solution that we offer and it is switched on by default for any domain or subdomain that you include via your Hepsia Control Panel. If it interferes with any of your apps or you would like to disable it for some reason, you shall be able to achieve that through the ModSecurity area of Hepsia with merely a click. You can also enable a passive mode, so the firewall will recognize possible attacks and maintain a log, but shall not take any action. You'll be able to view extensive logs in the same section, including the IP address where the attack originated from, what precisely the attacker aimed to do and at what time, what ModSecurity did, etc. For max protection of our clients we use a group of commercial firewall rules mixed with custom ones that are included by our system admins.

ModSecurity in Semi-dedicated Servers

Any web application that you set up within your new semi-dedicated server account shall be protected by ModSecurity as the firewall is included with all our hosting packages and is switched on by default for any domain and subdomain which you include or create using your Hepsia hosting Control Panel. You'll be able to manage ModSecurity through a dedicated area within Hepsia where not simply could you activate or deactivate it completely, but you can also enable a passive mode, so the firewall shall not stop anything, but it'll still keep an archive of potential attacks. This takes simply a click and you'll be able to view the logs no matter if ModSecurity is in passive or active mode through the same section - what the attack was and where it originated from, how it was handled, etc. The firewall uses two sets of rules on our servers - a commercial one that we get from a third-party web security provider and a custom one which our admins update manually as to respond to newly discovered threats as quickly as possible.

ModSecurity in Dedicated Servers

ModSecurity comes with all dedicated servers which are integrated with our Hepsia Control Panel and you will not have to do anything specific on your end to use it because it is activated by default whenever you add a new domain or subdomain on your web server. In the event that it disrupts any of your applications, you will be able to stop it through the respective part of Hepsia, or you may leave it in passive mode, so it will identify attacks and shall still maintain a log for them, but won't prevent them. You can examine the logs later to learn what you can do to increase the security of your sites since you will find details such as where an intrusion attempt originated from, what website was attacked and based upon what rule ModSecurity responded, etc. The rules that we use are commercial, therefore they are regularly updated by a security provider, but to be on the safe side, our administrators also include custom rules every now and then in order to deal with any new threats they have identified.