ModSecurity is a plugin for Apache web servers that acts as a web app layer firewall. It's employed to prevent attacks against script-driven sites through the use of security rules which contain particular expressions. That way, the firewall can block hacking and spamming attempts and protect even sites which are not updated frequently. For instance, numerous unsuccessful login attempts to a script administrator area or attempts to execute a particular file with the intention to get access to the script shall trigger specific rules, so ModSecurity shall block out these activities the minute it identifies them. The firewall is quite efficient since it monitors the whole HTTP traffic to a site in real time without slowing it down, so it could prevent an attack before any damage is done. It furthermore keeps an exceptionally thorough log of all attack attempts which features more info than typical Apache logs, so you can later check out the data and take additional measures to enhance the security of your Internet sites if needed.

ModSecurity in Website Hosting

We offer ModSecurity with all website hosting solutions, so your web apps will be resistant to harmful attacks. The firewall is activated as standard for all domains and subdomains, but in case you would like, you shall be able to stop it through the respective area of your Hepsia Control Panel. You can also activate a detection mode, so ModSecurity will keep a log as intended, but won't take any action. The logs that you shall discover within Hepsia are quite detailed and feature data about the nature of any attack, when it transpired and from what IP address, the firewall rule which was triggered, and so on. We employ a group of commercial rules that are frequently updated, but sometimes our admins add custom rules as well in order to efficiently protect the websites hosted on our servers.

ModSecurity in Semi-dedicated Servers

Any web app which you install within your new semi-dedicated server account shall be protected by ModSecurity as the firewall is included with all our hosting solutions and is activated by default for any domain and subdomain that you include or create using your Hepsia hosting CP. You'll be able to manage ModSecurity via a dedicated section within Hepsia where not simply could you activate or deactivate it fully, but you can also switch on a passive mode, so the firewall shall not stop anything, but it will still maintain a record of possible attacks. This requires just a mouse click and you shall be able to see the logs regardless of if ModSecurity is in passive or active mode through the same section - what the attack was and where it originated from, how it was dealt with, etc. The firewall uses two groups of rules on our servers - a commercial one which we get from a third-party web security firm and a custom one that our admins update manually as to respond to newly discovered threats as soon as possible.

ModSecurity in Dedicated Servers

ModSecurity is offered as standard with all dedicated servers that are set up with the Hepsia Control Panel and is set to “Active” automatically for any domain that you host or subdomain which you create on the web server. Just in case that a web app does not work correctly, you may either turn off the firewall or set it to work in passive mode. The latter means that ModSecurity will maintain a log of any potential attack which might happen, but won't take any action to prevent it. The logs created in active or passive mode will provide you with additional details about the exact file that was attacked, the type of the attack and the IP it originated from, etc. This data shall permit you to determine what measures you can take to boost the safety of your sites, such as blocking IPs or performing script and plugin updates. The ModSecurity rules that we employ are updated regularly with a commercial bundle from a third-party security firm we work with, but from time to time our staff include their own rules too if they come across a new potential threat.