ModSecurity

ModSecurity is a plugin for Apache web servers that functions as a web app layer firewall. It is employed to prevent attacks against script-driven sites by using security rules that contain certain expressions. That way, the firewall can block hacking and spamming attempts and protect even websites that aren't updated regularly. For instance, multiple failed login attempts to a script administrator area or attempts to execute a certain file with the purpose to get access to the script will trigger certain rules, so ModSecurity will block out these activities the moment it discovers them. The firewall is incredibly efficient because it screens the whole HTTP traffic to an Internet site in real time without slowing it down, so it can easily prevent an attack before any damage is done. It furthermore keeps an exceptionally comprehensive log of all attack attempts which includes more information than conventional Apache logs, so you could later check out the data and take further measures to enhance the security of your sites if needed.

ModSecurity in Shared Web Hosting

We offer ModSecurity with all shared web hosting packages, so your Internet apps will be resistant to harmful attacks. The firewall is turned on as standard for all domains and subdomains, but in case you'd like, you shall be able to stop it through the respective part of your Hepsia Control Panel. You'll be able to also switch on a detection mode, so ModSecurity will keep a log as intended, but will not take any action. The logs which you shall find in Hepsia are extremely detailed and include info about the nature of any attack, when it transpired and from what IP address, the firewall rule that was triggered, etc. We use a group of commercial rules that are regularly updated, but sometimes our administrators include custom rules as well so as to better protect the Internet sites hosted on our servers.

ModSecurity in VPS Servers

ModSecurity is provided with all Hepsia-based VPS servers which we offer and it will be switched on automatically for any new domain or subdomain which you include on the machine. In this way, any web app which you install will be protected right away without doing anything by hand on your end. The firewall may be managed through the section of the CP which has the same name. This is the area in whichyou could switch off ModSecurity or enable its passive mode, so it shall not take any action towards threats, but will still maintain a detailed log. The recorded data is available within the same area as well and you'll be able to see what IPs any attacks originated from to enable you to stop them, what the nature of the attempted attacks was and based upon what security rules ModSecurity reacted. The rules which we use on our servers are a combination between commercial ones which we obtain from a security organization and custom ones that are added by our staff to enhance the security of any web apps hosted on our end.

ModSecurity in Dedicated Servers

ModSecurity is included with all dedicated servers which are integrated with our Hepsia CP and you won't need to do anything specific on your end to employ it as it is activated by default each time you add a new domain or subdomain on your hosting server. In case it disrupts any of your apps, you shall be able to stop it through the respective part of Hepsia, or you may leave it in passive mode, so it shall identify attacks and shall still maintain a log for them, but shall not stop them. You may examine the logs later to find out what you can do to increase the security of your websites since you'll find info such as where an intrusion attempt originated from, what site was attacked and based upon what rule ModSecurity responded, etcetera. The rules that we employ are commercial, therefore they're regularly updated by a security firm, but to be on the safe side, our admins also add custom rules occasionally in order to deal with any new threats they have identified.