ModSecurity is a plugin for Apache web servers which functions as a web application layer firewall. It's used to stop attacks towards script-driven websites by employing security rules that contain specific expressions. This way, the firewall can prevent hacking and spamming attempts and shield even websites which aren't updated frequently. For instance, multiple failed login attempts to a script administrator area or attempts to execute a specific file with the objective to get access to the script shall trigger certain rules, so ModSecurity shall stop these activities the second it discovers them. The firewall is very efficient as it monitors the whole HTTP traffic to an Internet site in real time without slowing it down, so it will be able to stop an attack before any harm is done. It furthermore keeps an exceptionally thorough log of all attack attempts that contains more information than traditional Apache logs, so you can later analyze the data and take further measures to increase the security of your Internet sites if required.

ModSecurity in Shared Web Hosting

We provide ModSecurity with all shared web hosting plans, so your web apps shall be shielded from harmful attacks. The firewall is activated by default for all domains and subdomains, but if you would like, you will be able to stop it via the respective area of your Hepsia CP. You can also activate a detection mode, so ModSecurity will keep a log as intended, but won't take any action. The logs that you shall discover in Hepsia are very detailed and offer information about the nature of any attack, when it transpired and from what IP address, the firewall rule that was triggered, etcetera. We employ a set of commercial rules that are regularly updated, but sometimes our administrators include custom rules as well so as to efficiently protect the sites hosted on our servers.

ModSecurity in Semi-dedicated Hosting

We have integrated ModSecurity by default in all semi-dedicated hosting plans, so your web apps shall be protected the instant you install them under any domain or subdomain. The Hepsia Control Panel that comes with the semi-dedicated accounts will allow you to switch on or disable the firewall for any website with a mouse click. You shall also be able to activate a passive detection mode in which ModSecurity will keep a log of potential attacks without really stopping them. The detailed logs include the nature of the attack and what ModSecurity response that attack activated, where it originated from, etc. The list of rules that we employ is regularly updated as to match any new threats that might appear on the Internet and it consists of both commercial rules that we get from a security business and custom-written ones which our administrators add if they discover a threat that's not present inside the commercial list yet.

ModSecurity in Dedicated Hosting

ModSecurity is available as standard with all dedicated servers that are set up with the Hepsia Control Panel and is set to “Active” automatically for any domain you host or subdomain that you create on the server. In the event that a web application doesn't work adequately, you can either turn off the firewall or set it to function in passive mode. The second means that ModSecurity will maintain a log of any possible attack which could take place, but won't take any action to prevent it. The logs created in passive or active mode shall provide you with more details about the exact file that was attacked, the form of the attack and the IP it came from, and so on. This data shall permit you to choose what measures you can take to boost the safety of your websites, including blocking IPs or carrying out script and plugin updates. The ModSecurity rules which we employ are updated often with a commercial package from a third-party security provider we work with, but sometimes our staff include their own rules too when they come across a new potential threat.