ModSecurity is a highly effective web application layer firewall for Apache web servers. It monitors the whole HTTP traffic to an Internet site without affecting its operation and if it discovers an intrusion attempt, it blocks it. The firewall also keeps a more comprehensive log for the website visitors than any server does, so you shall manage to keep an eye on what's happening with your Internet sites a lot better than if you rely merely on conventional logs. ModSecurity employs security rules based on which it helps prevent attacks. For example, it recognizes if somebody is trying to log in to the administrator area of a particular script a number of times or if a request is sent to execute a file with a particular command. In these circumstances these attempts trigger the corresponding rules and the firewall blocks the attempts right away, and then records in-depth information about them within its logs. ModSecurity is amongst the most effective software firewalls out there and it can protect your web applications against a huge number of threats and vulnerabilities, particularly if you don’t update them or their plugins frequently.

ModSecurity in Cloud Web Hosting

We provide ModSecurity with all cloud web hosting plans, so your web applications shall be shielded from destructive attacks. The firewall is switched on as standard for all domains and subdomains, but if you'd like, you will be able to stop it via the respective part of your Hepsia CP. You'll be able to also activate a detection mode, so ModSecurity will keep a log as intended, but won't take any action. The logs which you will discover inside Hepsia are quite detailed and offer info about the nature of any attack, when it took place and from what IP, the firewall rule which was triggered, etc. We employ a set of commercial rules which are constantly updated, but sometimes our admins add custom rules as well in order to efficiently protect the Internet sites hosted on our machines.

ModSecurity in Semi-dedicated Servers

Any web application you set up within your new semi-dedicated server account shall be protected by ModSecurity as the firewall comes with all our hosting packages and is turned on by default for any domain and subdomain which you add or create through your Hepsia hosting CP. You shall be able to manage ModSecurity through a dedicated section inside Hepsia where not only could you activate or deactivate it fully, but you can also enable a passive mode, so the firewall will not stop anything, but it'll still keep an archive of potential attacks. This requires just a mouse click and you will be able to look at the logs regardless of if ModSecurity is in passive or active mode through the same section - what the attack was and where it came from, how it was taken care of, and so forth. The firewall uses two sets of rules on our servers - a commercial one that we get from a third-party web security company and a custom one which our admins update manually as to respond to recently discovered threats as quickly as possible.

ModSecurity in VPS Servers

Protection is very important to us, so we install ModSecurity on all VPS servers which are provided with the Hepsia CP as a standard. The firewall can be managed via a dedicated section within Hepsia and is turned on automatically when you add a new domain or generate a subdomain, so you will not need to do anything by hand. You'll also be able to disable it or switch on the so-called detection mode, so it shall maintain a log of possible attacks which you can later study, but won't prevent them. The logs in both passive and active modes contain information about the form of the attack and how it was prevented, what IP address it originated from and other useful data which might help you to tighten the security of your websites by updating them or blocking IPs, for instance. In addition to the commercial rules which we get for ModSecurity from a third-party security enterprise, we also employ our own rules because from time to time we detect specific attacks that aren't yet present in the commercial group. This way, we could enhance the security of your VPS right away instead of waiting for an official update.

ModSecurity in Dedicated Servers

ModSecurity is provided as standard with all dedicated servers that are set up with the Hepsia Control Panel and is set to “Active” automatically for any domain that you host or subdomain which you create on the web server. In the event that a web app doesn't work properly, you can either switch off the firewall or set it to operate in passive mode. The latter means that ModSecurity will maintain a log of any potential attack which could occur, but shall not take any action to prevent it. The logs produced in active or passive mode will provide you with more details about the exact file that was attacked, the form of the attack and the IP address it came from, etc. This data will allow you to determine what actions you can take to boost the safety of your websites, such as blocking IPs or carrying out script and plugin updates. The ModSecurity rules we employ are updated frequently with a commercial bundle from a third-party security company we work with, but oftentimes our administrators include their own rules as well if they discover a new potential threat.