ModSecurity is a potent web application layer firewall for Apache web servers. It monitors the entire HTTP traffic to a site without affecting its performance and in case it identifies an intrusion attempt, it prevents it. The firewall furthermore keeps a more detailed log for the traffic than any server does, so you shall be able to monitor what is going on with your websites a lot better than if you rely simply on standard logs. ModSecurity works with security rules based on which it stops attacks. For instance, it detects if anyone is trying to log in to the admin area of a particular script several times or if a request is sent to execute a file with a particular command. In such cases these attempts set off the corresponding rules and the firewall hinders the attempts instantly, after that records in-depth details about them in its logs. ModSecurity is one of the best software firewalls out there and it could easily protect your web applications against thousands of threats and vulnerabilities, especially in case you don’t update them or their plugins regularly.

ModSecurity in Hosting

ModSecurity is supplied with all hosting web servers, so if you decide to host your Internet sites with our company, they shall be shielded from a wide range of attacks. The firewall is turned on by default for all domains and subdomains, so there will be nothing you will need to do on your end. You shall be able to stop ModSecurity for any Internet site if needed, or to activate a detection mode, so all activity will be recorded, but the firewall shall not take any real action. You'll be able to view detailed logs via your Hepsia CP including the IP where the attack originated from, what the attacker wished to do and how ModSecurity dealt with the threat. As we take the protection of our customers' sites very seriously, we use a collection of commercial rules which we get from one of the best companies that maintain this type of rules. Our administrators also include custom rules to make sure that your websites will be protected against as many risks as possible.

ModSecurity in Semi-dedicated Servers

We've incorporated ModSecurity as a standard in all semi-dedicated server products, so your web applications will be protected as soon as you set them up under any domain or subdomain. The Hepsia Control Panel which is included with the semi-dedicated accounts shall permit you to activate or turn off the firewall for any Internet site with a mouse click. You shall also have the ability to switch on a passive detection mode in which ModSecurity shall keep a log of possible attacks without actually stopping them. The comprehensive logs contain the nature of the attack and what ModSecurity response this attack activated, where it came from, etc. The list of rules which we employ is frequently updated in order to match any new risks which could appear on the Internet and it features both commercial rules that we get from a security firm and custom-written ones that our admins add in the event that they discover a threat that's not present in the commercial list yet.

ModSecurity in VPS Servers

ModSecurity is pre-installed on all VPS servers which are offered with the Hepsia hosting CP, so your web apps shall be secured from the second your server is ready. The firewall is switched on by default for any domain or subdomain on the VPS, but if necessary, you could deactivate it with a click of your mouse via the corresponding section of Hepsia. You may also set it to work in detection mode, so it'll maintain a comprehensive log of any potential attacks without taking any action to prevent them. The logs are available within the very same section and provide information regarding the nature of the attack, what IP it came from and what ModSecurity rule was initiated to stop it. For maximum security, we employ not just commercial rules from a business operating in the field of web security, but also custom ones that our admins add personally so as to respond to new risks which are still not addressed in the commercial rules.

ModSecurity in Dedicated Servers

ModSecurity is offered by default with all dedicated servers that are set up with the Hepsia Control Panel and is set to “Active” automatically for any domain that you host or subdomain you create on the web server. In the event that a web application does not operate adequately, you may either disable the firewall or set it to work in passive mode. The latter means that ModSecurity will maintain a log of any possible attack that may take place, but won't take any action to prevent it. The logs created in passive or active mode shall offer you additional details about the exact file that was attacked, the nature of the attack and the IP it originated from, etcetera. This information shall enable you to determine what actions you can take to boost the protection of your Internet sites, for instance blocking IPs or performing script and plugin updates. The ModSecurity rules that we use are updated constantly with a commercial pack from a third-party security company we work with, but occasionally our admins add their own rules too when they come across a new potential threat.