ModSecurity is a highly effective web app layer firewall for Apache web servers. It monitors the whole HTTP traffic to a website without affecting its overall performance and in case it discovers an intrusion attempt, it prevents it. The firewall also keeps a more comprehensive log for the traffic than any server does, so you will manage to keep an eye on what is happening with your Internet sites better than if you rely merely on standard logs. ModSecurity uses security rules based on which it helps prevent attacks. For instance, it detects whether anyone is trying to log in to the administrator area of a certain script a number of times or if a request is sent to execute a file with a particular command. In such instances these attempts trigger the corresponding rules and the firewall program blocks the attempts immediately, after that records comprehensive details about them inside its logs. ModSecurity is amongst the most effective software firewalls out there and it can protect your web apps against many threats and vulnerabilities, especially if you don’t update them or their plugins often.

ModSecurity in Cloud Website Hosting

ModSecurity is available with each and every cloud website hosting solution which we offer and it's activated by default for any domain or subdomain that you add via your Hepsia CP. In case it interferes with any of your applications or you would like to disable it for whatever reason, you shall be able to do this through the ModSecurity section of Hepsia with merely a mouse click. You could also use a passive mode, so the firewall will identify possible attacks and maintain a log, but won't take any action. You could see extensive logs in the exact same section, including the IP where the attack originated from, what exactly the attacker aimed to do and at what time, what ModSecurity did, etc. For maximum security of our clients we use a collection of commercial firewall rules combined with custom ones which are included by our system administrators.

ModSecurity in Semi-dedicated Servers

ModSecurity is a part of our semi-dedicated server solutions and if you decide to host your sites with our company, there shall not be anything special you will have to do as the firewall is switched on by default for all domains and subdomains you include via your hosting CP. If necessary, you can disable ModSecurity for a certain website or activate the so-called detection mode in which case the firewall will still function and record information, but shall not do anything to prevent possible attacks on your Internet sites. Detailed logs shall be readily available in your Control Panel and you shall be able to see what type of attacks happened, what security rules were triggered and how the firewall handled the threats, what IP addresses the attacks originated from, etc. We use two sorts of rules on our servers - commercial ones from a business which operates in the field of web security, and custom ones that our admins sometimes add to respond to newly identified threats in a timely manner.

ModSecurity in VPS Servers

ModSecurity is provided with all Hepsia-based VPS servers which we offer and it will be activated automatically for every new domain or subdomain which you include on the server. In this way, any web application you install will be secured immediately without doing anything manually on your end. The firewall may be handled through the section of the Control Panel that bears the same name. This is the location in whichyou'll be able to turn off ModSecurity or let its passive mode, so it will not take any action against threats, but will still maintain a detailed log. The recorded data is available in the same section as well and you shall be able to see what IPs any attacks originated from so that you stop them, what the nature of the attempted attacks was and in accordance with what security rules ModSecurity responded. The rules we employ on our servers are a mixture between commercial ones which we get from a security company and custom ones which are included by our staff to enhance the security of any web applications hosted on our end.

ModSecurity in Dedicated Servers

ModSecurity is provided by default with all dedicated servers that are set up with the Hepsia Control Panel and is set to “Active” automatically for any domain which you host or subdomain which you create on the hosting server. In the event that a web application does not work properly, you can either switch off the firewall or set it to operate in passive mode. The latter means that ModSecurity will keep a log of any possible attack that may happen, but shall not take any action to stop it. The logs created in passive or active mode will give you more details about the exact file which was attacked, the nature of the attack and the IP address it originated from, etc. This data will enable you to decide what actions you can take to boost the safety of your Internet sites, for instance blocking IPs or carrying out script and plugin updates. The ModSecurity rules that we use are updated often with a commercial pack from a third-party security enterprise we work with, but from time to time our admins add their own rules also in case they identify a new potential threat.