ModSecurity is a plugin for Apache web servers which functions as a web application layer firewall. It is used to prevent attacks toward script-driven sites by employing security rules that contain certain expressions. That way, the firewall can prevent hacking and spamming attempts and protect even Internet sites that are not updated regularly. For instance, numerous unsuccessful login attempts to a script admin area or attempts to execute a specific file with the objective to get access to the script shall trigger particular rules, so ModSecurity will block these activities the minute it detects them. The firewall is extremely efficient as it monitors the entire HTTP traffic to an Internet site in real time without slowing it down, so it can stop an attack before any damage is done. It additionally keeps a very detailed log of all attack attempts which features more information than typical Apache logs, so you could later analyze the data and take additional measures to improve the security of your Internet sites if needed.

ModSecurity in Semi-dedicated Hosting

Any web application that you install within your new semi-dedicated hosting account shall be protected by ModSecurity as the firewall comes with all our hosting packages and is activated by default for any domain and subdomain which you add or create via your Hepsia hosting CP. You'll be able to manage ModSecurity through a dedicated area in Hepsia where not simply could you activate or deactivate it completely, but you could also enable a passive mode, so the firewall shall not block anything, but it'll still maintain an archive of possible attacks. This takes only a mouse click and you shall be able to view the logs regardless if ModSecurity is in passive or active mode through the same section - what the attack was and where it came from, how it was taken care of, and so on. The firewall uses two sets of rules on our web servers - a commercial one which we get from a third-party web security provider and a custom one which our admins update manually in order to respond to newly discovered risks as quickly as possible.

ModSecurity in VPS

All virtual private servers that are offered with the Hepsia Control Panel come with ModSecurity. The firewall is set up and turned on by default for all domains which are hosted on the machine, so there shall not be anything special that you shall have to do to protect your Internet sites. It'll take you just a click to stop ModSecurity if necessary or to activate its passive mode so that it records what occurs without taking any actions to prevent intrusions. You shall be able to look at the logs generated in passive or active mode through the corresponding section of Hepsia and discover more about the type of the attack, where it came from, what rule the firewall employed to handle it, etc. We use a mix of commercial and custom rules in order to ensure that ModSecurity will stop as many threats as possible, therefore improving the security of your web applications as much as possible.

ModSecurity in Dedicated Hosting

ModSecurity comes with all dedicated servers that are set up with our Hepsia Control Panel and you'll not need to do anything specific on your end to employ it because it is turned on by default whenever you include a new domain or subdomain on your server. In case it disrupts some of your programs, you'll be able to stop it through the respective part of Hepsia, or you can leave it operating in passive mode, so it shall detect attacks and shall still keep a log for them, but shall not prevent them. You can look at the logs later to find out what you can do to boost the protection of your Internet sites since you'll find details such as where an intrusion attempt originated from, what website was attacked and based upon what rule ModSecurity reacted, etcetera. The rules we use are commercial, therefore they are frequently updated by a security company, but to be on the safe side, our administrators also add custom rules once in a while as to respond to any new threats they have identified.