ModSecurity is a powerful web application layer firewall for Apache web servers. It monitors the whole HTTP traffic to a website without affecting its overall performance and in case it identifies an intrusion attempt, it blocks it. The firewall additionally keeps a more comprehensive log for the traffic than any server does, so you will be able to keep track of what is happening with your websites a lot better than if you rely merely on conventional logs. ModSecurity works with security rules based on which it prevents attacks. For example, it identifies if someone is trying to log in to the administrator area of a given script multiple times or if a request is sent to execute a file with a specific command. In these cases these attempts set off the corresponding rules and the firewall software blocks the attempts right away, after that records comprehensive information about them within its logs. ModSecurity is among the best software firewalls out there and it can easily protect your web apps against many threats and vulnerabilities, particularly if you don’t update them or their plugins frequently.

ModSecurity in Hosting

ModSecurity is available with every hosting solution that we provide and it's turned on by default for every domain or subdomain which you add via your Hepsia CP. If it disrupts any of your apps or you'd like to disable it for any reason, you will be able to do this through the ModSecurity area of Hepsia with only a mouse click. You may also enable a passive mode, so the firewall will discover potential attacks and keep a log, but shall not take any action. You can see extensive logs in the very same section, including the IP address where the attack came from, what precisely the attacker attempted to do and at what time, what ModSecurity did, etc. For max safety of our customers we use a group of commercial firewall rules combined with custom ones which are included by our system admins.

ModSecurity in Semi-dedicated Servers

All semi-dedicated server plans that we offer feature ModSecurity and given that the firewall is enabled by default, any website you build under a domain or a subdomain will be protected right from the start. An independent section inside the Hepsia Control Panel that comes with the semi-dedicated accounts is devoted to ModSecurity and it will enable you to start and stop the firewall for any website or switch on a detection mode. With the last mentioned, ModSecurity shall not take any action, but it'll still detect possible attacks and will keep all information within a log as if it were 100% active. The logs could be found inside the exact same section of the Control Panel and they include information about the IP where an attack originated from, what its nature was, what rule ModSecurity applies to identify and stop it, and so forth. The security rules we employ on our web servers are a mix of commercial ones from a security business and custom ones developed by our system admins. As a result, we offer greater security for your web apps as we can defend them from attacks before security companies release updates for new threats.

ModSecurity in VPS Servers

All VPS servers which are set up with the Hepsia Control Panel come with ModSecurity. The firewall is installed and turned on by default for all domains which are hosted on the web server, so there will not be anything special which you'll need to do to protect your websites. It'll take you just a click to stop ModSecurity if required or to turn on its passive mode so that it records what occurs without taking any actions to stop intrusions. You'll be able to look at the logs created in active or passive mode through the corresponding section of Hepsia and discover more about the form of the attack, where it originated from, what rule the firewall used to handle it, etc. We employ a mixture of commercial and custom rules in order to ensure that ModSecurity will prevent as many threats as possible, thus increasing the protection of your web applications as much as possible.

ModSecurity in Dedicated Servers

ModSecurity is available as standard with all dedicated servers which are set up with the Hepsia Control Panel and is set to “Active” automatically for any domain that you host or subdomain that you create on the hosting server. In case that a web application does not operate adequately, you can either disable the firewall or set it to operate in passive mode. The second means that ModSecurity shall maintain a log of any potential attack which could occur, but won't take any action to prevent it. The logs created in passive or active mode shall provide you with more details about the exact file that was attacked, the form of the attack and the IP it originated from, etc. This information shall allow you to choose what actions you can take to boost the safety of your sites, including blocking IPs or carrying out script and plugin updates. The ModSecurity rules which we employ are updated often with a commercial pack from a third-party security provider we work with, but oftentimes our admins add their own rules as well in the event that they identify a new potential threat.