ModSecurity is a powerful web application layer firewall for Apache web servers. It monitors the whole HTTP traffic to a website without affecting its functionality and when it discovers an intrusion attempt, it prevents it. The firewall furthermore maintains a more thorough log for the website visitors than any server does, so you'll be able to keep an eye on what is happening with your sites much better than if you rely only on conventional logs. ModSecurity employs security rules based on which it stops attacks. For instance, it identifies whether anyone is trying to log in to the administrator area of a certain script a number of times or if a request is sent to execute a file with a specific command. In these instances these attempts trigger the corresponding rules and the firewall hinders the attempts right away, then records detailed information about them within its logs. ModSecurity is among the best software firewalls available and it can protect your web apps against a huge number of threats and vulnerabilities, especially if you don’t update them or their plugins often.

ModSecurity in Cloud Hosting

ModSecurity is available with every cloud hosting package that we offer and it is turned on by default for every domain or subdomain that you include through your Hepsia Control Panel. If it disrupts any of your applications or you would like to disable it for whatever reason, you shall be able to accomplish that through the ModSecurity area of Hepsia with just a click. You can also activate a passive mode, so the firewall will recognize potential attacks and keep a log, but won't take any action. You can view extensive logs in the exact same section, including the IP address where the attack originated from, exactly what the attacker tried to do and at what time, what ModSecurity did, etc. For max security of our customers we use a group of commercial firewall rules mixed with custom ones that are included by our system administrators.

ModSecurity in Semi-dedicated Hosting

ModSecurity is a part of our semi-dedicated hosting packages and if you opt to host your Internet sites with our company, there will not be anything special you will have to do since the firewall is activated by default for all domains and subdomains that you add via your hosting Control Panel. If necessary, you could disable ModSecurity for a particular website or enable the so-called detection mode in which case the firewall will still function and record info, but shall not do anything to stop potential attacks on your sites. In depth logs will be readily available inside your CP and you shall be able to see which kind of attacks occurred, what security rules were triggered and how the firewall dealt with the threats, what Internet protocol addresses the attacks came from, etcetera. We use 2 kinds of rules on our servers - commercial ones from a business that operates in the field of web security, and custom ones which our administrators occasionally include to respond to newly discovered risks promptly.

ModSecurity in VPS

All virtual private servers that are offered with the Hepsia CP feature ModSecurity. The firewall is set up and turned on by default for all domains which are hosted on the machine, so there won't be anything special that you'll have to do to protect your sites. It will take you a mouse click to stop ModSecurity if necessary or to activate its passive mode so that it records what happens without taking any steps to prevent intrusions. You'll be able to view the logs created in active or passive mode via the corresponding section of Hepsia and discover more about the type of the attack, where it came from, what rule the firewall employed to take care of it, etcetera. We use a mix of commercial and custom rules in order to ensure that ModSecurity will stop as many risks as possible, hence enhancing the security of your web applications as much as possible.

ModSecurity in Dedicated Hosting

ModSecurity is offered by default with all dedicated servers which are set up with the Hepsia Control Panel and is set to “Active” automatically for any domain you host or subdomain you create on the hosting server. Just in case that a web application doesn't function properly, you can either turn off the firewall or set it to work in passive mode. The second means that ModSecurity shall keep a log of any potential attack which could take place, but won't take any action to prevent it. The logs created in active or passive mode will give you additional details about the exact file that was attacked, the type of the attack and the IP address it originated from, and so forth. This data will allow you to decide what actions you can take to improve the protection of your Internet sites, for instance blocking IPs or carrying out script and plugin updates. The ModSecurity rules we use are updated frequently with a commercial package from a third-party security firm we work with, but sometimes our staff add their own rules too in the event that they come across a new potential threat.