ModSecurity is a plugin for Apache web servers which acts as a web app layer firewall. It's employed to prevent attacks against script-driven websites by using security rules that contain particular expressions. That way, the firewall can prevent hacking and spamming attempts and protect even sites that aren't updated often. For instance, a number of failed login attempts to a script administrator area or attempts to execute a certain file with the objective to get access to the script shall trigger particular rules, so ModSecurity shall block out these activities the minute it detects them. The firewall is extremely efficient as it monitors the entire HTTP traffic to a site in real time without slowing it down, so it can easily prevent an attack before any damage is done. It furthermore maintains an exceptionally detailed log of all attack attempts which features more information than traditional Apache logs, so you could later examine the data and take further measures to enhance the security of your Internet sites if needed.

ModSecurity in Shared Website Hosting

ModSecurity is supplied with all shared website hosting web servers, so if you choose to host your websites with our firm, they'll be shielded from an array of attacks. The firewall is enabled as standard for all domains and subdomains, so there will be nothing you shall have to do on your end. You shall be able to stop ModSecurity for any Internet site if required, or to activate a detection mode, so that all activity shall be recorded, but the firewall won't take any real action. You shall be able to view specific logs through your Hepsia Control Panel including the IP address where the attack originated from, what the attacker planned to do and how ModSecurity addressed the threat. Since we take the safety of our customers' websites very seriously, we employ a set of commercial rules that we get from one of the leading companies that maintain this sort of rules. Our admins also include custom rules to make certain that your sites shall be shielded from as many risks as possible.

ModSecurity in Semi-dedicated Hosting

Any web program that you install within your new semi-dedicated hosting account will be protected by ModSecurity because the firewall is included with all our hosting plans and is activated by default for any domain and subdomain you add or create using your Hepsia hosting Control Panel. You'll be able to manage ModSecurity via a dedicated section within Hepsia where not only can you activate or deactivate it completely, but you can also switch on a passive mode, so the firewall shall not block anything, but it shall still maintain an archive of potential attacks. This requires simply a mouse click and you shall be able to look at the logs no matter if ModSecurity is in passive or active mode through the same section - what the attack was and where it came from, how it was addressed, etc. The firewall employs two groups of rules on our servers - a commercial one which we get from a third-party web security provider and a custom one that our administrators update manually in order to respond to newly discovered threats as soon as possible.

ModSecurity in Dedicated Hosting

ModSecurity is provided as standard with all dedicated servers that are set up with the Hepsia CP and is set to “Active” automatically for any domain that you host or subdomain that you create on the web server. In case that a web application does not operate correctly, you may either turn off the firewall or set it to work in passive mode. The latter means that ModSecurity shall maintain a log of any possible attack that could occur, but won't take any action to stop it. The logs produced in passive or active mode shall provide you with additional details about the exact file that was attacked, the form of the attack and the IP address it came from, and so forth. This info will allow you to choose what steps you can take to improve the security of your sites, including blocking IPs or performing script and plugin updates. The ModSecurity rules that we use are updated regularly with a commercial package from a third-party security firm we work with, but from time to time our administrators add their own rules as well when they come across a new potential threat.