ModSecurity is a plugin for Apache web servers that functions as a web app layer firewall. It is employed to prevent attacks against script-driven Internet sites by using security rules which contain certain expressions. In this way, the firewall can prevent hacking and spamming attempts and shield even websites that are not updated regularly. As an example, numerous unsuccessful login attempts to a script administrator area or attempts to execute a particular file with the intention to get access to the script shall trigger specific rules, so ModSecurity will block out these activities the minute it identifies them. The firewall is incredibly efficient because it monitors the whole HTTP traffic to an Internet site in real time without slowing it down, so it could stop an attack before any harm is done. It additionally keeps an incredibly comprehensive log of all attack attempts which includes more information than standard Apache logs, so you could later analyze the data and take extra measures to improve the security of your sites if required.

ModSecurity in Cloud Web Hosting

ModSecurity comes by default with all cloud web hosting solutions which we offer and it will be activated automatically for any domain or subdomain that you add/create within your Hepsia hosting CP. The firewall has three different modes, so you'll be able to activate and disable it with just a click or set it to detection mode, so it shall keep a log of all attacks, but it will not do anything to prevent them. The log for each of your websites will contain in-depth information such as the nature of the attack, where it came from, what action was taken by ModSecurity, etcetera. The firewall rules which we use are regularly updated and comprise of both commercial ones we get from a third-party security firm and custom ones that our system admins add in case that they detect a new kind of attacks. In this way, the sites you host here will be far more protected without any action required on your end.

ModSecurity in Semi-dedicated Hosting

All semi-dedicated hosting packages that we offer come with ModSecurity and since the firewall is switched on by default, any website you set up under a domain or a subdomain shall be protected right away. A separate section within the Hepsia Control Panel which comes with the semi-dedicated accounts is dedicated to ModSecurity and it will permit you to start and stop the firewall for any site or switch on a detection mode. With the latter, ModSecurity won't take any action, but it'll still recognize possible attacks and shall keep all data within a log as if it were completely active. The logs can be found in the exact same section of the Control Panel and they offer specifics about the IP where an attack originated from, what its nature was, what rule ModSecurity applies to identify and stop it, and so forth. The security rules we use on our servers are a mix between commercial ones from a security firm and custom ones made by our system administrators. As a result, we provide greater security for your web apps as we can shield them from attacks even before security businesses release updates for brand new threats.

ModSecurity in Dedicated Web Hosting

ModSecurity is offered as standard with all dedicated servers which are set up with the Hepsia CP and is set to “Active” automatically for any domain you host or subdomain which you create on the web server. In the event that a web app doesn't work adequately, you could either turn off the firewall or set it to work in passive mode. The latter means that ModSecurity will maintain a log of any possible attack that could take place, but shall not take any action to stop it. The logs generated in passive or active mode will offer you additional details about the exact file which was attacked, the type of the attack and the IP address it originated from, etc. This data shall allow you to decide what measures you can take to increase the security of your sites, for instance blocking IPs or performing script and plugin updates. The ModSecurity rules we employ are updated regularly with a commercial bundle from a third-party security company we work with, but oftentimes our administrators include their own rules as well in the event that they discover a new potential threat.