ModSecurity is a highly effective web app layer firewall for Apache web servers. It monitors the entire HTTP traffic to a website without affecting its functionality and when it discovers an intrusion attempt, it prevents it. The firewall furthermore maintains a more detailed log for the site visitors than any server does, so you shall manage to keep an eye on what is going on with your Internet sites a lot better than if you rely merely on standard logs. ModSecurity uses security rules based on which it helps prevent attacks. For instance, it identifies if someone is attempting to log in to the administration area of a specific script a number of times or if a request is sent to execute a file with a particular command. In these cases these attempts set off the corresponding rules and the firewall software blocks the attempts instantly, then records detailed info about them within its logs. ModSecurity is one of the most effective software firewalls available and it could easily protect your web applications against thousands of threats and vulnerabilities, especially if you don’t update them or their plugins often.

ModSecurity in Shared Hosting

ModSecurity is available with every shared hosting solution which we offer and it is switched on by default for any domain or subdomain which you include through your Hepsia CP. In case it disrupts any of your apps or you would like to disable it for any reason, you shall be able to achieve that through the ModSecurity area of Hepsia with merely a mouse click. You could also use a passive mode, so the firewall will recognize possible attacks and keep a log, but shall not take any action. You'll be able to view detailed logs in the very same section, including the IP where the attack originated from, what precisely the attacker tried to do and at what time, what ModSecurity did, etcetera. For max security of our customers we use a collection of commercial firewall rules mixed with custom ones that are included by our system administrators.

ModSecurity in Semi-dedicated Servers

ModSecurity is part of our semi-dedicated server plans and if you opt to host your Internet sites with us, there won't be anything special you'll have to do given that the firewall is switched on by default for all domains and subdomains that you add via your hosting CP. If needed, you can disable ModSecurity for a given website or activate the so-called detection mode in which case the firewall will still operate and record information, but will not do anything to stop possible attacks on your websites. In depth logs shall be accessible in your Control Panel and you will be able to see what sort of attacks took place, what security rules were triggered and how the firewall handled the threats, what Internet protocol addresses the attacks originated from, and so forth. We employ two sorts of rules on our servers - commercial ones from a company which operates in the field of web security, and custom ones which our administrators occasionally include to respond to newly discovered risks promptly.

ModSecurity in VPS Servers

All VPS servers which are set up with the Hepsia Control Panel come with ModSecurity. The firewall is set up and switched on by default for all domains that are hosted on the machine, so there will not be anything special which you'll have to do to protect your sites. It shall take you simply a click to stop ModSecurity if necessary or to turn on its passive mode so that it records what happens without taking any steps to prevent intrusions. You will be able to see the logs produced in passive or active mode through the corresponding section of Hepsia and find out more about the form of the attack, where it came from, what rule the firewall used to tackle it, and so on. We use a combination of commercial and custom rules in order to make sure that ModSecurity shall block out as many threats as possible, thus increasing the protection of your web applications as much as possible.

ModSecurity in Dedicated Servers

ModSecurity is provided by default with all dedicated servers which are set up with the Hepsia Control Panel and is set to “Active” automatically for any domain which you host or subdomain you create on the web server. In the event that a web app does not function properly, you can either turn off the firewall or set it to function in passive mode. The second means that ModSecurity will keep a log of any potential attack that might take place, but will not take any action to stop it. The logs created in passive or active mode shall present you with more details about the exact file that was attacked, the nature of the attack and the IP it originated from, and so forth. This info shall permit you to determine what measures you can take to improve the security of your websites, for instance blocking IPs or performing script and plugin updates. The ModSecurity rules we employ are updated regularly with a commercial bundle from a third-party security company we work with, but oftentimes our admins add their own rules too when they find a new potential threat.