ModSecurity is a plugin for Apache web servers that functions as a web app layer firewall. It's employed to stop attacks towards script-driven Internet sites by employing security rules that contain particular expressions. That way, the firewall can stop hacking and spamming attempts and protect even sites which aren't updated often. As an example, several unsuccessful login attempts to a script admin area or attempts to execute a specific file with the intention to get access to the script shall trigger specific rules, so ModSecurity shall stop these activities the instant it discovers them. The firewall is very efficient because it monitors the whole HTTP traffic to a site in real time without slowing it down, so it can stop an attack before any harm is done. It additionally maintains a very detailed log of all attack attempts which includes more information than traditional Apache logs, so you could later analyze the data and take extra measures to enhance the security of your websites if required.

ModSecurity in Shared Website Hosting

ModSecurity is supplied with all shared website hosting machines, so when you choose to host your Internet sites with our organization, they will be protected against a wide array of attacks. The firewall is enabled as standard for all domains and subdomains, so there shall be nothing you shall need to do on your end. You shall be able to stop ModSecurity for any site if required, or to activate a detection mode, so that all activity shall be recorded, but the firewall won't take any real action. You shall be able to view detailed logs using your Hepsia Control Panel including the IP where the attack came from, what the attacker wanted to do and how ModSecurity addressed the threat. As we take the security of our clients' sites very seriously, we use a group of commercial rules which we take from one of the best firms that maintain this type of rules. Our administrators also add custom rules to ensure that your Internet sites will be resistant to as many threats as possible.

ModSecurity in Semi-dedicated Servers

ModSecurity is part of our semi-dedicated server packages and if you opt to host your websites with us, there shall not be anything special you'll need to do as the firewall is activated by default for all domains and subdomains that you include using your hosting CP. If required, you'll be able to disable ModSecurity for a particular Internet site or activate the so-called detection mode in which case the firewall will still function and record info, but shall not do anything to prevent possible attacks on your websites. Thorough logs will be readily available in your CP and you'll be able to see what sort of attacks occurred, what security rules were triggered and how the firewall addressed the threats, what IP addresses the attacks came from, and so forth. We employ two kinds of rules on our servers - commercial ones from a firm that operates in the field of web security, and customized ones which our administrators occasionally include to respond to newly discovered risks in a timely manner.

ModSecurity in VPS Servers

All VPS servers which are provided with the Hepsia CP come with ModSecurity. The firewall is set up and turned on by default for all domains that are hosted on the web server, so there will not be anything special which you'll need to do to protect your Internet sites. It will take you only a mouse click to stop ModSecurity if needed or to activate its passive mode so that it records what happens without taking any measures to prevent intrusions. You'll be able to see the logs generated in passive or active mode from the corresponding section of Hepsia and find out more about the form of the attack, where it originated from, what rule the firewall employed to take care of it, etcetera. We use a mix of commercial and custom rules so as to ensure that ModSecurity shall block as many threats as possible, thus improving the protection of your web programs as much as possible.

ModSecurity in Dedicated Servers

ModSecurity is offered as standard with all dedicated servers that are set up with the Hepsia Control Panel and is set to “Active” automatically for any domain which you host or subdomain which you create on the hosting server. Just in case that a web application doesn't function adequately, you can either turn off the firewall or set it to work in passive mode. The latter means that ModSecurity shall keep a log of any possible attack that could occur, but will not take any action to stop it. The logs generated in active or passive mode will offer you more details about the exact file that was attacked, the nature of the attack and the IP address it originated from, etcetera. This information shall permit you to determine what actions you can take to improve the protection of your sites, including blocking IPs or performing script and plugin updates. The ModSecurity rules which we employ are updated frequently with a commercial pack from a third-party security provider we work with, but sometimes our admins include their own rules as well in the event that they identify a new potential threat.