ModSecurity is a powerful web application layer firewall for Apache web servers. It monitors the entire HTTP traffic to a site without affecting its functionality and in case it detects an intrusion attempt, it prevents it. The firewall also keeps a more thorough log for the website visitors than any server does, so you'll be able to monitor what is going on with your sites better than if you rely merely on standard logs. ModSecurity works with security rules based on which it helps prevent attacks. For example, it recognizes if somebody is trying to log in to the administrator area of a particular script multiple times or if a request is sent to execute a file with a particular command. In such instances these attempts trigger the corresponding rules and the firewall program hinders the attempts right away, after that records in-depth details about them in its logs. ModSecurity is among the most effective software firewalls out there and it can easily protect your web apps against a huge number of threats and vulnerabilities, particularly if you don’t update them or their plugins often.

ModSecurity in Shared Website Hosting

ModSecurity is available with every single shared website hosting package that we offer and it is switched on by default for every domain or subdomain that you add through your Hepsia Control Panel. If it interferes with any of your applications or you would like to disable it for some reason, you'll be able to do that through the ModSecurity section of Hepsia with just a click. You can also use a passive mode, so the firewall will discover potential attacks and keep a log, but won't take any action. You could see extensive logs in the very same section, including the IP where the attack originated from, what precisely the attacker attempted to do and at what time, what ModSecurity did, etcetera. For maximum security of our clients we use a group of commercial firewall rules mixed with custom ones which are added by our system admins.

ModSecurity in Semi-dedicated Servers

We have included ModSecurity by default in all semi-dedicated server packages, so your web applications will be protected as soon as you set them up under any domain or subdomain. The Hepsia Control Panel that is included with the semi-dedicated accounts shall allow you to activate or turn off the firewall for any Internet site with a mouse click. You will also be able to switch on a passive detection mode in which ModSecurity will keep a log of possible attacks without really preventing them. The comprehensive logs contain the nature of the attack and what ModSecurity response that attack generated, where it came from, and so forth. The list of rules that we use is constantly updated in order to match any new risks that could appear on the Internet and it includes both commercial rules that we get from a security business and custom-written ones which our administrators include in the event that they find a threat that's not present in the commercial list yet.

ModSecurity in VPS Servers

ModSecurity is included with all Hepsia-based VPS servers that we offer and it shall be switched on automatically for any new domain or subdomain which you add on the hosting server. In this way, any web application that you install will be protected right from the start without doing anything by hand on your end. The firewall may be managed via the section of the Control Panel which bears the same name. This is the place in whichyou'll be able to disable ModSecurity or activate its passive mode, so it will not take any action towards threats, but will still keep a thorough log. The recorded data is available in the same section as well and you shall be able to see what IPs any attacks originated from so that you stop them, what the nature of the attempted attacks was and based on what security rules ModSecurity reacted. The rules we employ on our servers are a blend between commercial ones that we get from a security firm and custom ones that are included by our admins to optimize the protection of any web applications hosted on our end.

ModSecurity in Dedicated Servers

ModSecurity is offered as standard with all dedicated servers that are set up with the Hepsia Control Panel and is set to “Active” automatically for any domain which you host or subdomain that you create on the hosting server. Just in case that a web application does not work correctly, you could either turn off the firewall or set it to function in passive mode. The second means that ModSecurity shall maintain a log of any potential attack that may happen, but won't take any action to prevent it. The logs generated in active or passive mode shall provide you with additional details about the exact file that was attacked, the nature of the attack and the IP address it originated from, etc. This info shall enable you to determine what actions you can take to improve the security of your websites, such as blocking IPs or performing script and plugin updates. The ModSecurity rules we employ are updated frequently with a commercial pack from a third-party security firm we work with, but oftentimes our administrators include their own rules as well when they find a new potential threat.