ModSecurity is a plugin for Apache web servers that acts as a web application layer firewall. It's used to stop attacks towards script-driven Internet sites by using security rules which contain specific expressions. That way, the firewall can stop hacking and spamming attempts and shield even Internet sites that are not updated regularly. For instance, a number of failed login attempts to a script administrative area or attempts to execute a particular file with the intention to get access to the script will trigger specific rules, so ModSecurity shall block out these activities the instant it detects them. The firewall is incredibly efficient because it screens the whole HTTP traffic to a website in real time without slowing it down, so it can stop an attack before any damage is done. It furthermore keeps a very comprehensive log of all attack attempts that features more information than traditional Apache logs, so you could later check out the data and take additional measures to improve the security of your sites if necessary.

ModSecurity in Website Hosting

We provide ModSecurity with all website hosting solutions, so your Internet applications will be shielded from harmful attacks. The firewall is switched on by default for all domains and subdomains, but in case you would like, you shall be able to stop it through the respective part of your Hepsia CP. You can also activate a detection mode, so ModSecurity shall keep a log as intended, but won't take any action. The logs that you will find inside Hepsia are extremely detailed and include info about the nature of any attack, when it occurred and from what IP address, the firewall rule which was triggered, etc. We employ a set of commercial rules that are regularly updated, but sometimes our administrators include custom rules as well so as to efficiently protect the Internet sites hosted on our servers.

ModSecurity in Semi-dedicated Hosting

Any web app you install inside your new semi-dedicated hosting account shall be protected by ModSecurity because the firewall is provided with all our hosting plans and is turned on by default for any domain and subdomain that you add or create through your Hepsia hosting CP. You'll be able to manage ModSecurity through a dedicated area within Hepsia where not only could you activate or deactivate it entirely, but you could also switch on a passive mode, so the firewall won't block anything, but it will still maintain an archive of potential attacks. This takes only a mouse click and you will be able to view the logs regardless if ModSecurity is in active or passive mode through the same section - what the attack was and where it originated from, how it was taken care of, etc. The firewall employs two sets of rules on our web servers - a commercial one that we get from a third-party web security firm and a custom one which our admins update personally as to respond to recently discovered threats at the earliest opportunity.

ModSecurity in Dedicated Web Hosting

All of our dedicated servers that are installed with the Hepsia hosting CP feature ModSecurity, so any app that you upload or set up shall be secured from the very beginning and you won't have to concern yourself with common attacks or vulnerabilities. An individual section inside Hepsia will enable you to start or stop the firewall for any domain or subdomain, or switch on a detection mode so that it records info about intrusions, but doesn't take actions to prevent them. What you shall find in the logs can easily enable you to to secure your Internet sites better - the IP an attack came from, what website was attacked and in what way, what ModSecurity rule was triggered, etc. With this data, you can see whether a website needs an update, whether you should block IPs from accessing your web server, etc. Aside from the third-party commercial security rules for ModSecurity we use, our administrators add custom ones too when they find a new threat which is not yet in the commercial bundle.