ModSecurity is a plugin for Apache web servers that functions as a web application layer firewall. It's used to stop attacks toward script-driven Internet sites by using security rules which contain particular expressions. In this way, the firewall can block hacking and spamming attempts and preserve even websites which aren't updated often. For example, numerous unsuccessful login attempts to a script administrator area or attempts to execute a particular file with the intention to get access to the script shall trigger certain rules, so ModSecurity shall block out these activities the instant it detects them. The firewall is quite efficient because it screens the whole HTTP traffic to an Internet site in real time without slowing it down, so it can easily prevent an attack before any harm is done. It furthermore keeps an exceptionally thorough log of all attack attempts which includes more information than traditional Apache logs, so you could later analyze the data and take additional measures to boost the security of your Internet sites if required.

ModSecurity in Cloud Hosting

ModSecurity comes by default with all cloud hosting solutions which we supply and it'll be turned on automatically for any domain or subdomain which you add/create in your Hepsia hosting CP. The firewall has three different modes, so you'll be able to switch on and disable it with only a click or set it to detection mode, so it shall maintain a log of all attacks, but it will not do anything to prevent them. The log for each of your Internet sites will include comprehensive info such as the nature of the attack, where it originated from, what action was taken by ModSecurity, etcetera. The firewall rules we use are constantly updated and comprise of both commercial ones that we get from a third-party security business and custom ones which our system administrators add in case that they detect a new kind of attacks. That way, the websites that you host here will be much more secure without any action expected on your end.

ModSecurity in Semi-dedicated Servers

We have included ModSecurity by default inside all semi-dedicated server plans, so your web applications shall be protected whenever you set them up under any domain or subdomain. The Hepsia CP that is included with the semi-dedicated accounts shall permit you to enable or disable the firewall for any Internet site with a click. You shall also have the ability to switch on a passive detection mode through which ModSecurity shall maintain a log of possible attacks without really preventing them. The comprehensive logs contain the nature of the attack and what ModSecurity response this attack activated, where it came from, etc. The list of rules which we use is constantly updated in order to match any new risks which might appear on the Internet and it consists of both commercial rules that we get from a security corporation and custom-written ones which our admins add if they find a threat that's not present within the commercial list yet.

ModSecurity in Dedicated Servers

All of our dedicated servers which are set up with the Hepsia hosting Control Panel feature ModSecurity, so any application you upload or set up shall be properly secured from the very beginning and you'll not need to worry about common attacks or vulnerabilities. A separate section in Hepsia will permit you to start or stop the firewall for each and every domain or subdomain, or activate a detection mode so that it records details about intrusions, but doesn't take actions to stop them. What you'll discover in the logs shall allow you to to secure your websites better - the IP an attack came from, what website was attacked as well as how, what ModSecurity rule was triggered, and so on. With this data, you'll be able to see whether a site needs an update, if you need to block IPs from accessing your web server, and so on. In addition to the third-party commercial security rules for ModSecurity which we use, our admins include custom ones as well every time they come across a new threat that's not yet a part of the commercial bundle.