ModSecurity

: Hosting Definitions; AAAA Records; Access Log Manager; Additional RAM; Administration Services; Advanced Tools; Email Aliases; Antivirus Protection; APC; Web Apps Installer; Auto-reply Emails; Browsable Daily Backups; Catch-all Emails; CentOS; Live Chat Support; ClientExec Billing And Support Software; Genuine Cloud Architecture; CNAME Records; Control Panel; Hardware; CPanel Control Panel; CPU Share; Cron Jobs; Custom Error Pages; MX And A Records; Daily Data Back-up; Data Centers; Data Compression; Debian; Dedicated IP Address; Server Network Hardware; DirectAdmin Control Panel; Disk Space; Domain Backorders; DomainKeys Identified Mail; Domain Manager; Parked Domain Names; Domain Registration Transfer; Dreamweaver Compatibility; Dropbox Backups; Email Forwarding; Email Manager; Enom Domain Name Reseller Account; EPP Transfer Protection; Error Log Viewer; Extensive Online Documentation; Extra Dedicated IPs; File Manager; FTP Accounts; FTP Manager; DNS Management; Full WHOIS Management; Guaranteed RAM; Hepsia Control Panel; Hosted Domain Names; Hotlink Protection; Htaccess Generator; WHOIS Guard; Imagemagick And GD Library; InnoDB; Installation And Troubleshooting; Instant Account Activation; Integrated Ticketing System; IonCube; IP Blocking; JailHost; Email Accounts; Mailing Lists; Mailing List Members; Managed Services Package; Marketing Tools; Money Back Guarantee; Memcached; Microsoft Frontpage Extensions; ModSecurity; Monitoring And Rebooting; MySQL And Load Stats; 2.5 Gbit Network Connectivity; Data Corruption; Node.js; No Overselling; NS Records; One-Hour Response Guarantee; Perl Modules; Password Protected Directories; Perl; PgSQL Databases; PostgreSQL Database Storage; Phone Support; PHP 4 And PHP 5 Support; PhpMyAdmin; PhpPgAdmin; Python; RAID; Registrar Lock; Server Reselling Options; SSI; Shared SSL IP; SiteMap Generator; SMTP Server; Spam Filters; SPF Protection; MySQL Databases; MySQL Database Storage; SRV Records; Data Caching; SSL Certificate Generator; Stable Linux With Apache; Subdomains; Help Desk; Data Traffic; TXT Records; Ubuntu; UPS And Diesel Back-up Generator; Service Uptime; URL Redirection; Varnish; VPN Traffic; Multiple Control Panels; Setup Fee; Multiple OS; Full Root-level Access; SSH Telnet; Web Accelerators; Online Site Builder; Web And FTP Statistics; Web Installer; Webmail; Assisted Website Migration; Website Manager; Free Site Themes; Weekly Backup; Weekly OS Update; Zend Optimizer; ZFS Mails And MySQL; Order Now

ModSecurity is a plugin for Apache web servers which acts as a web app layer firewall. It is used to prevent attacks against script-driven websites through the use of security rules which contain certain expressions. That way, the firewall can prevent hacking and spamming attempts and preserve even sites that aren't updated frequently. As an example, a number of unsuccessful login attempts to a script administrative area or attempts to execute a particular file with the objective to get access to the script shall trigger specific rules, so ModSecurity will stop these activities the minute it discovers them. The firewall is quite efficient as it monitors the whole HTTP traffic to a website in real time without slowing it down, so it could prevent an attack before any damage is done. It additionally maintains a very detailed log of all attack attempts which includes more information than standard Apache logs, so you could later analyze the data and take further measures to enhance the security of your websites if necessary.

ModSecurity in Web Hosting

ModSecurity is available with every web hosting plan that we offer and it is turned on by default for every domain or subdomain that you include via your Hepsia Control Panel. In case it interferes with any of your programs or you would like to disable it for whatever reason, you shall be able to do this through the ModSecurity section of Hepsia with just a mouse click. You can also use a passive mode, so the firewall will identify potential attacks and maintain a log, but won't take any action. You can view detailed logs in the exact same section, including the IP where the attack came from, what exactly the attacker aimed to do and at what time, what ModSecurity did, etcetera. For max security of our clients we use a set of commercial firewall rules blended with custom ones that are included by our system admins.

ModSecurity in Semi-dedicated Servers

ModSecurity is part of our semi-dedicated server packages and if you opt to host your Internet sites with our company, there won't be anything special you will have to do as the firewall is switched on by default for all domains and subdomains that you include through your hosting CP. If necessary, you can disable ModSecurity for a particular website or enable the so-called detection mode in which case the firewall shall still function and record information, but won't do anything to stop potential attacks on your Internet sites. Thorough logs will be readily available within your CP and you will be able to see what type of attacks occurred, what security rules were triggered and how the firewall handled the threats, what IP addresses the attacks came from, etc. We use 2 types of rules on our servers - commercial ones from an organization that operates in the field of web security, and customized ones that our admins often add to respond to newly found threats on time.

ModSecurity in Dedicated Servers

ModSecurity comes with all dedicated servers that are integrated with our Hepsia CP and you'll not need to do anything specific on your end to use it since it's turned on by default whenever you add a new domain or subdomain on your web server. In the event that it disrupts some of your programs, you'll be able to stop it via the respective area of Hepsia, or you could leave it working in passive mode, so it'll identify attacks and shall still maintain a log for them, but will not prevent them. You may analyze the logs later to learn what you can do to enhance the safety of your websites as you'll find information such as where an intrusion attempt originated from, what Internet site was attacked and based upon what rule ModSecurity reacted, etc. The rules which we use are commercial, hence they are constantly updated by a security provider, but to be on the safe side, our admins also include custom rules occasionally in order to react to any new threats they have discovered.