ModSecurity is a highly effective web application layer firewall for Apache web servers. It monitors the whole HTTP traffic to a site without affecting its overall performance and if it discovers an intrusion attempt, it prevents it. The firewall furthermore maintains a more comprehensive log for the site visitors than any web server does, so you'll be able to monitor what is happening with your sites a lot better than if you rely merely on conventional logs. ModSecurity uses security rules based on which it stops attacks. For example, it recognizes if someone is trying to log in to the administration area of a certain script multiple times or if a request is sent to execute a file with a particular command. In these instances these attempts trigger the corresponding rules and the firewall program hinders the attempts right away, then records comprehensive details about them within its logs. ModSecurity is one of the very best software firewalls available and it could easily protect your web applications against many threats and vulnerabilities, especially in case you don’t update them or their plugins often.

ModSecurity in Cloud Website Hosting

We provide ModSecurity with all cloud website hosting solutions, so your web apps will be shielded from malicious attacks. The firewall is turned on by default for all domains and subdomains, but if you'd like, you will be able to stop it using the respective area of your Hepsia CP. You'll be able to also switch on a detection mode, so ModSecurity shall keep a log as intended, but won't take any action. The logs that you shall find inside Hepsia are extremely detailed and include data about the nature of any attack, when it took place and from what IP, the firewall rule that was triggered, etcetera. We use a set of commercial rules that are constantly updated, but sometimes our administrators add custom rules as well so as to efficiently protect the websites hosted on our machines.

ModSecurity in Semi-dedicated Servers

Any web application that you install in your new semi-dedicated server account will be protected by ModSecurity as the firewall comes with all our hosting solutions and is turned on by default for any domain and subdomain which you add or create through your Hepsia hosting Control Panel. You will be able to manage ModSecurity through a dedicated area within Hepsia where not simply could you activate or deactivate it entirely, but you may also activate a passive mode, so the firewall shall not stop anything, but it will still keep a record of possible attacks. This requires just a click and you'll be able to view the logs no matter if ModSecurity is in active or passive mode through the same section - what the attack was and where it came from, how it was handled, etcetera. The firewall uses 2 sets of rules on our web servers - a commercial one which we get from a third-party web security provider and a custom one which our administrators update manually in order to respond to recently discovered risks as soon as possible.

ModSecurity in VPS Servers

ModSecurity is included with all Hepsia-based VPS servers that we offer and it will be switched on automatically for any new domain or subdomain which you include on the hosting server. In this way, any web application you install will be protected from the very beginning without doing anything personally on your end. The firewall may be handled through the section of the Control Panel which has the same name. This is the location whereyou'll be able to turn off ModSecurity or let its passive mode, so it shall not take any action toward threats, but will still maintain a thorough log. The recorded information is available in the same area as well and you'll be able to see what IPs any attacks originated from so that you block them, what the nature of the attempted attacks was and based on what security rules ModSecurity responded. The rules that we employ on our servers are a mixture between commercial ones that we get from a security organization and custom ones that are added by our administrators to enhance the security of any web apps hosted on our end.

ModSecurity in Dedicated Servers

ModSecurity is offered by default with all dedicated servers that are set up with the Hepsia CP and is set to “Active” automatically for any domain you host or subdomain you create on the hosting server. In case that a web application doesn't work correctly, you could either switch off the firewall or set it to work in passive mode. The latter means that ModSecurity will maintain a log of any potential attack which could happen, but won't take any action to stop it. The logs produced in passive or active mode shall provide you with additional details about the exact file which was attacked, the form of the attack and the IP address it came from, and so on. This information will enable you to determine what measures you can take to increase the safety of your Internet sites, such as blocking IPs or carrying out script and plugin updates. The ModSecurity rules we employ are updated regularly with a commercial package from a third-party security firm we work with, but from time to time our admins add their own rules also when they find a new potential threat.