ModSecurity is a plugin for Apache web servers that acts as a web application layer firewall. It's employed to prevent attacks toward script-driven Internet sites by using security rules which contain specific expressions. This way, the firewall can block hacking and spamming attempts and shield even sites that are not updated often. For example, a number of unsuccessful login attempts to a script admin area or attempts to execute a certain file with the intention to get access to the script shall trigger specific rules, so ModSecurity shall stop these activities the minute it detects them. The firewall is incredibly efficient as it screens the whole HTTP traffic to an Internet site in real time without slowing it down, so it could prevent an attack before any damage is done. It also keeps a very comprehensive log of all attack attempts that features more information than conventional Apache logs, so you could later examine the data and take extra measures to boost the security of your Internet sites if necessary.

ModSecurity in Shared Hosting

We provide ModSecurity with all shared hosting plans, so your web applications will be resistant to harmful attacks. The firewall is activated by default for all domains and subdomains, but in case you'd like, you shall be able to stop it through the respective part of your Hepsia Control Panel. You'll be able to also activate a detection mode, so ModSecurity will keep a log as intended, but will not take any action. The logs that you will discover inside Hepsia are extremely detailed and feature data about the nature of any attack, when it happened and from what IP, the firewall rule which was triggered, etc. We use a set of commercial rules that are often updated, but sometimes our administrators add custom rules as well in order to better protect the sites hosted on our machines.

ModSecurity in Semi-dedicated Servers

Any web app you install in your new semi-dedicated server account will be protected by ModSecurity since the firewall is included with all our hosting solutions and is turned on by default for any domain and subdomain which you add or create using your Hepsia hosting CP. You will be able to manage ModSecurity through a dedicated section within Hepsia where not simply can you activate or deactivate it completely, but you could also activate a passive mode, so the firewall will not stop anything, but it'll still maintain an archive of potential attacks. This normally requires simply a mouse click and you'll be able to see the logs regardless if ModSecurity is in active or passive mode through the same section - what the attack was and where it originated from, how it was handled, etc. The firewall uses two groups of rules on our machines - a commercial one that we get from a third-party web security provider and a custom one which our administrators update personally in order to respond to newly discovered threats as soon as possible.

ModSecurity in VPS Servers

ModSecurity is pre-installed on all VPS servers that are set up with the Hepsia hosting CP, so your web apps shall be protected from the moment your server is ready. The firewall is switched on by default for any domain or subdomain on the VPS, but if required, you could disable it with a click through the corresponding section of Hepsia. You could also set it to operate in detection mode, so it'll keep a detailed log of any potential attacks without taking any action to prevent them. The logs can be found inside the very same section and provide info about the nature of the attack, what IP it came from and what ModSecurity rule was initiated to stop it. For maximum security, we employ not simply commercial rules from a firm working in the field of web security, but also custom ones which our administrators add personally in order to react to new threats which are still not tackled in the commercial rules.

ModSecurity in Dedicated Servers

If you choose to host your sites on a dedicated server with the Hepsia CP, your web applications shall be secured right away since ModSecurity is provided with all Hepsia-based packages. You shall be able to control the firewall with ease and if required, you shall be able to turn it off or activate its passive mode when it'll only maintain a log of what's going on without taking any action to stop potential attacks. The logs which you can find within the same section of the Control Panel are incredibly detailed and include information about the attacker IP, what website and file were attacked and in what way, what rule the firewall used to prevent the intrusion, etcetera. This data shall allow you to take measures and boost the security of your sites even more. To be on the safe side, we employ not only commercial rules, but also custom-made ones that our administrators include every time they detect attacks that haven't yet been included within the commercial pack.