ModSecurity is a potent web application layer firewall for Apache web servers. It monitors the entire HTTP traffic to a website without affecting its performance and when it detects an intrusion attempt, it blocks it. The firewall additionally keeps a more detailed log for the traffic than any web server does, so you'll be able to keep track of what is going on with your sites a lot better than if you rely simply on conventional logs. ModSecurity works with security rules based on which it helps prevent attacks. For example, it recognizes if someone is attempting to log in to the admin area of a certain script several times or if a request is sent to execute a file with a certain command. In these cases these attempts trigger the corresponding rules and the firewall program hinders the attempts instantly, and then records in-depth information about them within its logs. ModSecurity is one of the very best software firewalls on the market and it could easily protect your web applications against many threats and vulnerabilities, particularly if you don’t update them or their plugins regularly.

ModSecurity in Cloud Web Hosting

ModSecurity can be found with every cloud web hosting solution that we provide and it is activated by default for every domain or subdomain which you add through your Hepsia CP. If it disrupts any of your apps or you would like to disable it for whatever reason, you'll be able to do this through the ModSecurity area of Hepsia with simply a click. You may also activate a passive mode, so the firewall will detect possible attacks and keep a log, but won't take any action. You could view comprehensive logs in the same section, including the IP where the attack came from, exactly what the attacker attempted to do and at what time, what ModSecurity did, etcetera. For maximum protection of our clients we use a set of commercial firewall rules blended with custom ones which are added by our system administrators.

ModSecurity in Semi-dedicated Servers

ModSecurity is a part of our semi-dedicated server solutions and if you choose to host your websites with us, there shall not be anything special you will have to do as the firewall is switched on by default for all domains and subdomains which you add through your hosting Control Panel. If necessary, you'll be able to disable ModSecurity for a particular Internet site or switch on the so-called detection mode in which case the firewall shall still function and record data, but won't do anything to prevent potential attacks against your websites. In depth logs will be available within your Control Panel and you'll be able to see what type of attacks occurred, what security rules were triggered and how the firewall addressed the threats, what Internet protocol addresses the attacks came from, and so forth. We employ two kinds of rules on our servers - commercial ones from a business which operates in the field of web security, and custom made ones that our administrators sometimes include to respond to newly discovered risks promptly.

ModSecurity in VPS Servers

Security is extremely important to us, so we set up ModSecurity on all VPS servers which are set up with the Hepsia Control Panel as a standard. The firewall could be managed via a dedicated section within Hepsia and is switched on automatically when you include a new domain or create a subdomain, so you'll not need to do anything by hand. You'll also be able to deactivate it or turn on the so-called detection mode, so it will keep a log of potential attacks which you can later study, but shall not stop them. The logs in both passive and active modes offer information about the kind of the attack and how it was eliminated, what IP address it originated from and other important data that could help you to tighten the security of your websites by updating them or blocking IPs, as an example. Beyond the commercial rules which we get for ModSecurity from a third-party security firm, we also use our own rules as occasionally we identify specific attacks which are not yet present in the commercial pack. This way, we could boost the security of your VPS instantly instead of waiting for an official update.

ModSecurity in Dedicated Servers

ModSecurity is available by default with all dedicated servers which are set up with the Hepsia CP and is set to “Active” automatically for any domain which you host or subdomain which you create on the server. Just in case that a web application does not operate adequately, you could either disable the firewall or set it to operate in passive mode. The second means that ModSecurity will maintain a log of any potential attack that could take place, but won't take any action to prevent it. The logs created in passive or active mode will present you with more details about the exact file which was attacked, the form of the attack and the IP address it came from, etcetera. This information will allow you to decide what steps you can take to increase the protection of your Internet sites, for instance blocking IPs or performing script and plugin updates. The ModSecurity rules which we employ are updated often with a commercial bundle from a third-party security provider we work with, but oftentimes our administrators include their own rules also in case they find a new potential threat.