ModSecurity is a plugin for Apache web servers which functions as a web application layer firewall. It's used to prevent attacks towards script-driven sites by employing security rules which contain particular expressions. That way, the firewall can prevent hacking and spamming attempts and protect even Internet sites which are not updated frequently. For instance, several failed login attempts to a script admin area or attempts to execute a particular file with the intention to get access to the script will trigger specific rules, so ModSecurity will stop these activities the instant it detects them. The firewall is very efficient because it monitors the entire HTTP traffic to an Internet site in real time without slowing it down, so it can easily stop an attack before any damage is done. It additionally maintains an exceptionally comprehensive log of all attack attempts which features more information than typical Apache logs, so you could later check out the data and take further measures to enhance the security of your websites if necessary.

ModSecurity in Cloud Hosting

ModSecurity is provided with all cloud hosting machines, so when you decide to host your Internet sites with our company, they shall be protected against a wide range of attacks. The firewall is turned on by default for all domains and subdomains, so there shall be nothing you'll have to do on your end. You shall be able to stop ModSecurity for any Internet site if necessary, or to switch on a detection mode, so all activity will be recorded, but the firewall will not take any real action. You'll be able to view detailed logs through your Hepsia Control Panel including the IP address where the attack originated from, what the attacker planned to do and how ModSecurity handled the threat. Since we take the protection of our clients' Internet sites seriously, we employ a selection of commercial rules that we get from one of the best companies that maintain this type of rules. Our admins also include custom rules to make certain that your sites shall be shielded from as many risks as possible.

ModSecurity in Semi-dedicated Hosting

ModSecurity is a part of our semi-dedicated hosting plans and if you decide to host your Internet sites with us, there won't be anything special you'll have to do as the firewall is turned on by default for all domains and subdomains that you add via your hosting CP. If required, you could disable ModSecurity for a particular site or activate the so-called detection mode in which case the firewall shall still work and record data, but won't do anything to prevent potential attacks against your Internet sites. Detailed logs shall be available inside your CP and you'll be able to see which kind of attacks took place, what security rules were triggered and how the firewall dealt with the threats, what Internet protocol addresses the attacks came from, etc. We employ 2 sorts of rules on our servers - commercial ones from a company that operates in the field of web security, and customized ones which our admins sometimes add to respond to newly identified risks on time.

ModSecurity in VPS Web Hosting

Security is extremely important to us, so we install ModSecurity on all virtual private servers that are made available with the Hepsia CP as a standard. The firewall could be managed via a dedicated section within Hepsia and is activated automatically when you add a new domain or generate a subdomain, so you won't need to do anything by hand. You will also be able to deactivate it or activate the so-called detection mode, so it'll maintain a log of potential attacks that you can later analyze, but shall not stop them. The logs in both passive and active modes offer info about the kind of the attack and how it was eliminated, what IP it came from and other useful information which may help you to tighten the security of your Internet sites by updating them or blocking IPs, for instance. Besides the commercial rules we get for ModSecurity from a third-party security firm, we also implement our own rules because once in a while we detect specific attacks that aren't yet present inside the commercial pack. This way, we can easily improve the security of your Virtual private server immediately instead of awaiting a certified update.

ModSecurity in Dedicated Servers Hosting

ModSecurity is provided by default with all dedicated servers that are set up with the Hepsia CP and is set to “Active” automatically for any domain that you host or subdomain which you create on the server. In case that a web app doesn't function correctly, you may either switch off the firewall or set it to work in passive mode. The latter means that ModSecurity shall keep a log of any potential attack which may take place, but won't take any action to prevent it. The logs generated in passive or active mode will offer you additional details about the exact file which was attacked, the nature of the attack and the IP it originated from, etcetera. This information shall permit you to choose what measures you can take to boost the protection of your sites, including blocking IPs or carrying out script and plugin updates. The ModSecurity rules we use are updated frequently with a commercial pack from a third-party security firm we work with, but from time to time our admins add their own rules as well if they identify a new potential threat.