ModSecurity is a plugin for Apache web servers that functions as a web application layer firewall. It is employed to prevent attacks towards script-driven sites by using security rules that contain particular expressions. In this way, the firewall can stop hacking and spamming attempts and preserve even websites that aren't updated on a regular basis. For example, several failed login attempts to a script administrator area or attempts to execute a certain file with the intention to get access to the script will trigger specific rules, so ModSecurity will stop these activities the minute it detects them. The firewall is incredibly efficient because it monitors the entire HTTP traffic to an Internet site in real time without slowing it down, so it could prevent an attack before any harm is done. It additionally maintains a very thorough log of all attack attempts which contains more info than standard Apache logs, so you can later check out the data and take extra measures to boost the security of your Internet sites if necessary.

ModSecurity in Semi-dedicated Hosting

ModSecurity is part of our semi-dedicated hosting plans and if you decide to host your sites with us, there will not be anything special you'll have to do given that the firewall is turned on by default for all domains and subdomains which you add via your hosting Control Panel. If needed, you'll be able to disable ModSecurity for a given Internet site or turn on the so-called detection mode in which case the firewall shall still work and record data, but shall not do anything to stop possible attacks on your sites. In depth logs shall be available in your CP and you will be able to see what sort of attacks happened, what security rules were triggered and how the firewall addressed the threats, what Internet protocol addresses the attacks came from, and so on. We use two sorts of rules on our servers - commercial ones from a business which operates in the field of web security, and customized ones which our administrators occasionally add to respond to newly identified threats promptly.

ModSecurity in VPS Hosting

ModSecurity is pre-installed on all virtual private servers which are offered with the Hepsia hosting Control Panel, so your web programs shall be protected from the second your server is in a position. The firewall is turned on by default for any domain or subdomain on the Virtual Private Server, but if necessary, you can disable it with a mouse click from the corresponding section of Hepsia. You may also set it to work in detection mode, so it'll keep a detailed log of any potential attacks without taking any action to prevent them. The logs are available in the same section and provide information regarding the nature of the attack, what IP address it came from and what ModSecurity rule was triggered to stop it. For best security, we use not just commercial rules from a firm working in the field of web security, but also custom ones our admins include personally in order to respond to new threats which are still not addressed in the commercial rules.

ModSecurity in Dedicated Web Hosting

ModSecurity is provided by default with all dedicated servers which are set up with the Hepsia CP and is set to “Active” automatically for any domain that you host or subdomain which you create on the server. Just in case that a web app doesn't operate adequately, you could either switch off the firewall or set it to function in passive mode. The latter means that ModSecurity shall keep a log of any potential attack which could occur, but will not take any action to prevent it. The logs created in active or passive mode will give you more details about the exact file that was attacked, the type of the attack and the IP address it came from, etcetera. This information will permit you to decide what measures you can take to enhance the safety of your Internet sites, including blocking IPs or carrying out script and plugin updates. The ModSecurity rules that we employ are updated often with a commercial bundle from a third-party security provider we work with, but from time to time our staff include their own rules too in the event that they identify a new potential threat.