ModSecurity is a powerful web application layer firewall for Apache web servers. It monitors the entire HTTP traffic to an Internet site without affecting its performance and if it identifies an intrusion attempt, it blocks it. The firewall also keeps a more comprehensive log for the site visitors than any server does, so you shall be able to keep track of what's going on with your websites a lot better than if you rely simply on conventional logs. ModSecurity employs security rules based on which it prevents attacks. For example, it identifies whether anyone is trying to log in to the administration area of a certain script several times or if a request is sent to execute a file with a particular command. In these instances these attempts trigger the corresponding rules and the firewall software blocks the attempts right away, and then records comprehensive info about them within its logs. ModSecurity is among the best software firewalls on the market and it can protect your web applications against thousands of threats and vulnerabilities, particularly if you don’t update them or their plugins frequently.

ModSecurity in Cloud Web Hosting

ModSecurity is provided with all cloud web hosting machines, so when you opt to host your Internet sites with our business, they'll be protected against a wide array of attacks. The firewall is enabled by default for all domains and subdomains, so there'll be nothing you'll need to do on your end. You'll be able to stop ModSecurity for any Internet site if needed, or to switch on a detection mode, so that all activity shall be recorded, but the firewall will not take any real action. You'll be able to view detailed logs using your Hepsia Control Panel including the IP where the attack originated from, what the attacker planned to do and how ModSecurity dealt with the threat. Since we take the safety of our clients' Internet sites seriously, we use a set of commercial rules which we get from one of the leading companies that maintain this type of rules. Our administrators also include custom rules to make sure that your Internet sites will be protected against as many threats as possible.

ModSecurity in Semi-dedicated Hosting

Any web app that you install in your new semi-dedicated hosting account shall be protected by ModSecurity since the firewall is provided with all our hosting packages and is turned on by default for any domain and subdomain you include or create using your Hepsia hosting CP. You'll be able to manage ModSecurity through a dedicated section in Hepsia where not only could you activate or deactivate it entirely, but you can also enable a passive mode, so the firewall will not block anything, but it'll still keep an archive of possible attacks. This requires just a mouse click and you will be able to look at the logs no matter if ModSecurity is in active or passive mode through the same section - what the attack was and where it originated from, how it was addressed, and so on. The firewall employs 2 groups of rules on our machines - a commercial one which we get from a third-party web security provider and a custom one which our administrators update manually in order to respond to recently discovered threats as soon as possible.

ModSecurity in VPS

ModSecurity is pre-installed on all virtual private servers that are set up with the Hepsia hosting CP, so your web applications will be protected from the second your server is in a position. The firewall is switched on by default for any domain or subdomain on the Virtual Private Server, but if required, you can deactivate it with a click of your mouse via the corresponding section of Hepsia. You could also set it to function in detection mode, so it'll keep a detailed log of any possible attacks without taking any action to stop them. The logs are available within the same section and include information regarding the nature of the attack, what IP address it originated from and what ModSecurity rule was triggered to stop it. For best security, we employ not simply commercial rules from a company working in the field of web security, but also custom ones our administrators add manually so as to react to new threats that are still not addressed in the commercial rules.

ModSecurity in Dedicated Hosting

ModSecurity is available by default with all dedicated servers which are set up with the Hepsia CP and is set to “Active” automatically for any domain you host or subdomain you create on the server. In the event that a web application doesn't function correctly, you can either turn off the firewall or set it to work in passive mode. The latter means that ModSecurity will maintain a log of any possible attack that could occur, but shall not take any action to prevent it. The logs generated in active or passive mode will present you with more details about the exact file which was attacked, the form of the attack and the IP it originated from, etcetera. This information will enable you to determine what actions you can take to improve the protection of your sites, for instance blocking IPs or performing script and plugin updates. The ModSecurity rules we use are updated often with a commercial pack from a third-party security enterprise we work with, but sometimes our staff include their own rules too in case they come across a new potential threat.