ModSecurity is a plugin for Apache web servers that acts as a web application layer firewall. It is employed to stop attacks toward script-driven websites through the use of security rules that contain specific expressions. In this way, the firewall can stop hacking and spamming attempts and preserve even Internet sites which are not updated regularly. For instance, multiple unsuccessful login attempts to a script administrator area or attempts to execute a specific file with the intention to get access to the script will trigger particular rules, so ModSecurity shall block these activities the minute it detects them. The firewall is extremely efficient since it tracks the entire HTTP traffic to a site in real time without slowing it down, so it will be able to stop an attack before any damage is done. It additionally maintains an exceptionally detailed log of all attack attempts which contains more info than typical Apache logs, so you could later check out the data and take additional measures to increase the security of your Internet sites if necessary.

ModSecurity in Cloud Hosting

We offer ModSecurity with all cloud hosting packages, so your Internet applications shall be protected against destructive attacks. The firewall is turned on by default for all domains and subdomains, but if you would like, you shall be able to stop it using the respective area of your Hepsia Control Panel. You can also switch on a detection mode, so ModSecurity will keep a log as intended, but will not take any action. The logs which you shall find in Hepsia are incredibly detailed and include data about the nature of any attack, when it transpired and from what IP, the firewall rule that was triggered, etcetera. We employ a set of commercial rules that are frequently updated, but sometimes our admins add custom rules as well so as to better protect the websites hosted on our servers.

ModSecurity in VPS Servers

Safety is extremely important to us, so we install ModSecurity on all VPS servers which are made available with the Hepsia CP as a standard. The firewall could be managed through a dedicated section inside Hepsia and is activated automatically when you include a new domain or generate a subdomain, so you will not have to do anything by hand. You shall also be able to deactivate it or turn on the so-called detection mode, so it'll keep a log of potential attacks you can later examine, but will not stop them. The logs in both passive and active modes contain info about the kind of the attack and how it was eliminated, what IP address it originated from and other valuable data that may help you to tighten the security of your sites by updating them or blocking IPs, as an example. On top of the commercial rules that we get for ModSecurity from a third-party security enterprise, we also use our own rules because from time to time we find specific attacks which aren't yet present in the commercial pack. That way, we can easily boost the security of your VPS instantly rather than waiting for a certified update.