ModSecurity is a plugin for Apache web servers that acts as a web application layer firewall. It's used to prevent attacks against script-driven Internet sites by employing security rules which contain particular expressions. This way, the firewall can stop hacking and spamming attempts and preserve even websites which aren't updated frequently. For example, multiple failed login attempts to a script administrative area or attempts to execute a specific file with the purpose to get access to the script will trigger certain rules, so ModSecurity will block out these activities the minute it detects them. The firewall is very efficient as it tracks the whole HTTP traffic to a site in real time without slowing it down, so it will be able to stop an attack before any damage is done. It furthermore keeps a very thorough log of all attack attempts which contains more information than typical Apache logs, so you could later examine the data and take further measures to boost the security of your websites if needed.

ModSecurity in Shared Web Hosting

ModSecurity is provided with all shared web hosting machines, so if you choose to host your sites with our business, they shall be protected against an array of attacks. The firewall is enabled by default for all domains and subdomains, so there will be nothing you will need to do on your end. You shall be able to stop ModSecurity for any website if necessary, or to switch on a detection mode, so all activity will be recorded, but the firewall won't take any real action. You will be able to view detailed logs via your Hepsia Control Panel including the IP address where the attack originated from, what the attacker wanted to do and how ModSecurity dealt with the threat. Since we take the safety of our customers' websites very seriously, we use a set of commercial rules which we take from one of the best companies that maintain such rules. Our admins also include custom rules to make certain that your sites shall be protected against as many risks as possible.

ModSecurity in Semi-dedicated Hosting

ModSecurity is part of our semi-dedicated hosting plans and if you decide to host your Internet sites with our company, there shall not be anything special you'll need to do given that the firewall is activated by default for all domains and subdomains that you include via your hosting Control Panel. If required, you could disable ModSecurity for a certain website or switch on the so-called detection mode in which case the firewall shall still work and record data, but shall not do anything to stop possible attacks against your websites. In depth logs shall be accessible inside your Control Panel and you shall be able to see what sort of attacks took place, what security rules were triggered and how the firewall addressed the threats, what IP addresses the attacks came from, and so on. We use two types of rules on our servers - commercial ones from a firm that operates in the field of web security, and customized ones that our admins often add to respond to newly found threats on time.

ModSecurity in VPS Hosting

All virtual private servers that are set up with the Hepsia CP include ModSecurity. The firewall is set up and activated by default for all domains which are hosted on the web server, so there shall not be anything special which you shall have to do to protect your sites. It'll take you only a click to stop ModSecurity if necessary or to turn on its passive mode so that it records what happens without taking any actions to prevent intrusions. You shall be able to see the logs produced in active or passive mode through the corresponding section of Hepsia and learn more about the type of the attack, where it originated from, what rule the firewall used to deal with it, etc. We use a combination of commercial and custom rules so as to make sure that ModSecurity shall block out as many threats as possible, therefore increasing the security of your web applications as much as possible.

ModSecurity in Dedicated Web Hosting

ModSecurity is offered by default with all dedicated servers that are set up with the Hepsia Control Panel and is set to “Active” automatically for any domain you host or subdomain that you create on the web server. In case that a web application does not operate adequately, you may either switch off the firewall or set it to operate in passive mode. The second means that ModSecurity will maintain a log of any possible attack which may happen, but will not take any action to stop it. The logs created in active or passive mode shall offer you additional details about the exact file that was attacked, the nature of the attack and the IP address it originated from, and so forth. This info will permit you to determine what measures you can take to improve the protection of your websites, including blocking IPs or performing script and plugin updates. The ModSecurity rules that we employ are updated constantly with a commercial package from a third-party security enterprise we work with, but from time to time our admins include their own rules as well in case they come across a new potential threat.