ModSecurity is a plugin for Apache web servers that functions as a web application layer firewall. It is employed to stop attacks toward script-driven sites by using security rules that contain specific expressions. This way, the firewall can stop hacking and spamming attempts and shield even Internet sites that are not updated often. For example, multiple failed login attempts to a script administrator area or attempts to execute a certain file with the objective to get access to the script shall trigger certain rules, so ModSecurity shall block out these activities the moment it detects them. The firewall is very efficient since it tracks the whole HTTP traffic to a website in real time without slowing it down, so it can stop an attack before any damage is done. It furthermore maintains a very thorough log of all attack attempts that includes more info than traditional Apache logs, so you can later analyze the data and take extra measures to boost the security of your websites if necessary.

ModSecurity in Web Hosting

We provide ModSecurity with all web hosting packages, so your Internet apps will be protected against harmful attacks. The firewall is turned on by default for all domains and subdomains, but in case you would like, you'll be able to stop it using the respective part of your Hepsia Control Panel. You can also activate a detection mode, so ModSecurity shall keep a log as intended, but shall not take any action. The logs which you shall find within Hepsia are very detailed and include data about the nature of any attack, when it happened and from what IP, the firewall rule that was triggered, etcetera. We employ a set of commercial rules that are constantly updated, but sometimes our admins add custom rules as well in order to better protect the websites hosted on our machines.

ModSecurity in Semi-dedicated Hosting

We have integrated ModSecurity as a standard inside all semi-dedicated hosting packages, so your web apps shall be protected whenever you set them up under any domain or subdomain. The Hepsia Control Panel which comes with the semi-dedicated accounts will allow you to enable or turn off the firewall for any Internet site with a mouse click. You'll also be able to turn on a passive detection mode in which ModSecurity shall maintain a log of possible attacks without actually preventing them. The detailed logs include things like the nature of the attack and what ModSecurity response this attack activated, where it originated from, etcetera. The list of rules that we use is constantly updated as to match any new risks which might appear on the Internet and it features both commercial rules that we get from a security business and custom-written ones which our admins add in case they find a threat that is not present in the commercial list yet.

ModSecurity in VPS Web Hosting

Security is very important to us, so we set up ModSecurity on all virtual private servers which are set up with the Hepsia Control Panel as a standard. The firewall could be managed through a dedicated section inside Hepsia and is turned on automatically when you include a new domain or create a subdomain, so you'll not have to do anything personally. You will also be able to disable it or turn on the so-called detection mode, so it will maintain a log of possible attacks which you can later study, but shall not block them. The logs in both passive and active modes include info about the kind of the attack and how it was eliminated, what IP address it came from and other useful info which could help you to tighten the security of your sites by updating them or blocking IPs, as an example. Besides the commercial rules which we get for ModSecurity from a third-party security enterprise, we also implement our own rules because occasionally we identify specific attacks which are not yet present inside the commercial pack. This way, we can easily enhance the security of your VPS in a timely manner instead of awaiting an official update.

ModSecurity in Dedicated Servers Hosting

ModSecurity is included with all dedicated servers which are integrated with our Hepsia CP and you'll not need to do anything specific on your end to employ it as it is switched on by default every time you include a new domain or subdomain on your web server. If it disrupts any of your apps, you shall be able to stop it through the respective area of Hepsia, or you can leave it working in passive mode, so it will recognize attacks and will still maintain a log for them, but shall not prevent them. You can examine the logs later to find out what you can do to increase the safety of your Internet sites as you'll find info such as where an intrusion attempt originated from, what site was attacked and based on what rule ModSecurity responded, etcetera. The rules that we employ are commercial, therefore they're constantly updated by a security provider, but to be on the safe side, our admins also include custom rules from time to time as to react to any new threats they have found.

    • Our ID: 287259