ModSecurity is a plugin for Apache web servers which acts as a web application layer firewall. It is used to stop attacks towards script-driven Internet sites by employing security rules that contain certain expressions. That way, the firewall can stop hacking and spamming attempts and protect even sites that are not updated often. As an example, multiple failed login attempts to a script admin area or attempts to execute a particular file with the purpose to get access to the script shall trigger particular rules, so ModSecurity will block out these activities the moment it identifies them. The firewall is very efficient as it monitors the entire HTTP traffic to an Internet site in real time without slowing it down, so it could stop an attack before any damage is done. It additionally maintains an incredibly thorough log of all attack attempts which features more information than conventional Apache logs, so you could later examine the data and take extra measures to enhance the security of your websites if needed.

ModSecurity in Shared Web Hosting

ModSecurity is supplied with all shared web hosting servers, so if you decide to host your websites with our company, they shall be resistant to an array of attacks. The firewall is turned on by default for all domains and subdomains, so there'll be nothing you'll have to do on your end. You shall be able to stop ModSecurity for any website if needed, or to enable a detection mode, so that all activity will be recorded, but the firewall will not take any real action. You'll be able to view comprehensive logs via your Hepsia Control Panel including the IP where the attack originated from, what the attacker planned to do and how ModSecurity dealt with the threat. As we take the protection of our clients' sites seriously, we use a collection of commercial rules that we get from one of the leading companies that maintain such rules. Our admins also include custom rules to make certain that your Internet sites will be resistant to as many risks as possible.

ModSecurity in Semi-dedicated Hosting

All semi-dedicated hosting packages that we offer include ModSecurity and because the firewall is enabled by default, any Internet site you set up under a domain or a subdomain shall be secured straight away. A separate section inside the Hepsia CP that comes with the semi-dedicated accounts is dedicated to ModSecurity and it'll allow you to stop and start the firewall for any website or activate a detection mode. With the latter, ModSecurity will not take any action, but it shall still identify possible attacks and shall keep all data inside a log as if it were 100% active. The logs could be found within the very same section of the CP and they offer information regarding the IP where an attack originated from, what its nature was, what rule ModSecurity applies to identify and stop it, and so forth. The security rules we use on our machines are a mix between commercial ones from a security business and custom ones made by our system administrators. For that reason, we provide higher security for your web programs as we can shield them from attacks before security companies release updates for new threats.

ModSecurity in Dedicated Web Hosting

ModSecurity is available by default with all dedicated servers which are set up with the Hepsia Control Panel and is set to “Active” automatically for any domain you host or subdomain that you create on the server. In case that a web application doesn't operate properly, you can either switch off the firewall or set it to operate in passive mode. The second means that ModSecurity will keep a log of any possible attack which might occur, but will not take any action to prevent it. The logs produced in active or passive mode will present you with additional details about the exact file which was attacked, the nature of the attack and the IP address it came from, and so on. This data shall enable you to determine what actions you can take to improve the security of your Internet sites, for instance blocking IPs or carrying out script and plugin updates. The ModSecurity rules which we employ are updated frequently with a commercial pack from a third-party security provider we work with, but sometimes our administrators include their own rules too in case they discover a new potential threat.