ModSecurity is a highly effective web app layer firewall for Apache web servers. It monitors the whole HTTP traffic to a website without affecting its functionality and when it discovers an intrusion attempt, it prevents it. The firewall additionally keeps a more detailed log for the website visitors than any server does, so you'll be able to keep an eye on what's happening with your Internet sites better than if you rely merely on standard logs. ModSecurity employs security rules based on which it helps prevent attacks. For instance, it recognizes if anyone is trying to log in to the admin area of a specific script multiple times or if a request is sent to execute a file with a certain command. In these cases these attempts set off the corresponding rules and the firewall hinders the attempts immediately, and then records detailed info about them in its logs. ModSecurity is amongst the very best software firewalls out there and it can easily protect your web applications against thousands of threats and vulnerabilities, especially in case you don’t update them or their plugins frequently.

ModSecurity in Shared Hosting

ModSecurity can be found with each shared hosting solution that we provide and it is activated by default for every domain or subdomain which you include via your Hepsia Control Panel. In case it interferes with any of your programs or you'd like to disable it for some reason, you shall be able to accomplish that through the ModSecurity area of Hepsia with only a mouse click. You could also enable a passive mode, so the firewall will detect potential attacks and keep a log, but will not take any action. You could view extensive logs in the same section, including the IP address where the attack came from, exactly what the attacker tried to do and at what time, what ModSecurity did, etc. For maximum safety of our clients we use a set of commercial firewall rules mixed with custom ones which are included by our system admins.

ModSecurity in Semi-dedicated Servers

All semi-dedicated server plans that we offer feature ModSecurity and because the firewall is turned on by default, any site that you create under a domain or a subdomain will be secured immediately. An independent section inside the Hepsia Control Panel which comes with the semi-dedicated accounts is dedicated to ModSecurity and it will permit you to stop and start the firewall for any website or activate a detection mode. With the last mentioned, ModSecurity shall not take any action, but it'll still recognize possible attacks and shall keep all information inside a log as if it were fully active. The logs could be found inside the exact same section of the Control Panel and they offer details about the IP where an attack came from, what its nature was, what rule ModSecurity applies to detect and stop it, and so forth. The security rules we employ on our servers are a mix of commercial ones from a security business and custom ones developed by our system administrators. Therefore, we offer increased security for your web applications as we can defend them from attacks before security firms release updates for completely new threats.

ModSecurity in VPS Servers

Safety is very important to us, so we install ModSecurity on all VPS servers that are provided with the Hepsia CP as a standard. The firewall could be managed through a dedicated section in Hepsia and is switched on automatically when you add a new domain or generate a subdomain, so you will not need to do anything by hand. You shall also be able to disable it or turn on the so-called detection mode, so it will keep a log of possible attacks that you can later study, but won't prevent them. The logs in both passive and active modes contain info about the form of the attack and how it was eliminated, what IP address it originated from and other useful info which could help you to tighten the security of your Internet sites by updating them or blocking IPs, for instance. On top of the commercial rules which we get for ModSecurity from a third-party security company, we also employ our own rules as every now and then we discover specific attacks that are not yet present in the commercial package. This way, we can increase the protection of your VPS instantly instead of awaiting a certified update.

ModSecurity in Dedicated Servers

ModSecurity is offered by default with all dedicated servers which are set up with the Hepsia Control Panel and is set to “Active” automatically for any domain that you host or subdomain you create on the server. In case that a web application does not operate correctly, you may either switch off the firewall or set it to function in passive mode. The latter means that ModSecurity shall keep a log of any possible attack which may take place, but will not take any action to stop it. The logs generated in passive or active mode will present you with more details about the exact file which was attacked, the form of the attack and the IP address it came from, etc. This information shall permit you to decide what actions you can take to boost the security of your Internet sites, including blocking IPs or carrying out script and plugin updates. The ModSecurity rules that we use are updated constantly with a commercial package from a third-party security company we work with, but occasionally our staff add their own rules as well if they find a new potential threat.