ModSecurity is a potent web application layer firewall for Apache web servers. It monitors the entire HTTP traffic to a website without affecting its performance and if it detects an intrusion attempt, it prevents it. The firewall also maintains a more thorough log for the traffic than any web server does, so you will be able to keep an eye on what is happening with your websites better than if you rely only on standard logs. ModSecurity works with security rules based on which it prevents attacks. For instance, it identifies whether someone is attempting to log in to the administration area of a certain script a number of times or if a request is sent to execute a file with a particular command. In such cases these attempts trigger the corresponding rules and the firewall program hinders the attempts right away, then records in-depth information about them inside its logs. ModSecurity is amongst the most effective software firewalls on the market and it could easily protect your web applications against thousands of threats and vulnerabilities, especially in case you don’t update them or their plugins regularly.

ModSecurity in Web Hosting

We offer ModSecurity with all web hosting packages, so your web applications will be protected against destructive attacks. The firewall is switched on as standard for all domains and subdomains, but in case you would like, you will be able to stop it through the respective section of your Hepsia Control Panel. You can also activate a detection mode, so ModSecurity will keep a log as intended, but shall not take any action. The logs that you'll find within Hepsia are incredibly detailed and include data about the nature of any attack, when it transpired and from what IP address, the firewall rule that was triggered, etcetera. We employ a range of commercial rules which are constantly updated, but sometimes our admins add custom rules as well in order to efficiently protect the Internet sites hosted on our servers.

ModSecurity in Semi-dedicated Hosting

Any web application that you set up within your new semi-dedicated hosting account shall be protected by ModSecurity because the firewall comes with all our hosting solutions and is switched on by default for any domain and subdomain you include or create using your Hepsia hosting Control Panel. You will be able to manage ModSecurity via a dedicated area within Hepsia where not simply can you activate or deactivate it completely, but you can also enable a passive mode, so the firewall won't block anything, but it shall still keep an archive of possible attacks. This normally requires just a click and you'll be able to see the logs no matter if ModSecurity is in passive or active mode through the same section - what the attack was and where it originated from, how it was addressed, etc. The firewall uses 2 sets of rules on our servers - a commercial one which we get from a third-party web security company and a custom one which our admins update manually in order to respond to newly discovered risks as fast as possible.

ModSecurity in VPS Web Hosting

All virtual private servers that are set up with the Hepsia Control Panel come with ModSecurity. The firewall is set up and switched on by default for all domains which are hosted on the machine, so there will not be anything special which you'll need to do to protect your Internet sites. It'll take you simply a click to stop ModSecurity if necessary or to switch on its passive mode so that it records what goes on without taking any steps to stop intrusions. You shall be able to see the logs produced in active or passive mode through the corresponding section of Hepsia and find out more about the form of the attack, where it came from, what rule the firewall employed to handle it, etcetera. We employ a mix of commercial and custom rules in order to ensure that ModSecurity will stop as many risks as possible, thus improving the security of your web programs as much as possible.

ModSecurity in Dedicated Servers Hosting

ModSecurity is offered by default with all dedicated servers that are set up with the Hepsia CP and is set to “Active” automatically for any domain you host or subdomain which you create on the server. In the event that a web app does not operate correctly, you could either turn off the firewall or set it to operate in passive mode. The latter means that ModSecurity shall keep a log of any possible attack that could occur, but will not take any action to stop it. The logs produced in passive or active mode will present you with more details about the exact file which was attacked, the type of the attack and the IP address it came from, etc. This data shall allow you to decide what actions you can take to enhance the protection of your Internet sites, including blocking IPs or carrying out script and plugin updates. The ModSecurity rules that we use are updated regularly with a commercial package from a third-party security enterprise we work with, but sometimes our administrators include their own rules also when they identify a new potential threat.