ModSecurity is a powerful web application layer firewall for Apache web servers. It monitors the whole HTTP traffic to a site without affecting its functionality and when it identifies an intrusion attempt, it prevents it. The firewall additionally maintains a more thorough log for the site visitors than any server does, so you shall manage to keep track of what's going on with your websites much better than if you rely simply on standard logs. ModSecurity employs security rules based on which it prevents attacks. For instance, it identifies if someone is trying to log in to the administrator area of a particular script multiple times or if a request is sent to execute a file with a specific command. In these cases these attempts set off the corresponding rules and the firewall hinders the attempts instantly, and then records comprehensive details about them inside its logs. ModSecurity is among the best software firewalls available and it can easily protect your web applications against a huge number of threats and vulnerabilities, especially in case you don’t update them or their plugins often.

ModSecurity in Shared Hosting

ModSecurity is supplied with all shared hosting servers, so if you opt to host your Internet sites with our business, they shall be resistant to an array of attacks. The firewall is enabled by default for all domains and subdomains, so there shall be nothing you'll need to do on your end. You shall be able to stop ModSecurity for any site if required, or to enable a detection mode, so that all activity shall be recorded, but the firewall shall not take any real action. You shall be able to view comprehensive logs using your Hepsia CP including the IP where the attack came from, what the attacker wanted to do and how ModSecurity dealt with the threat. As we take the safety of our clients' websites seriously, we employ a selection of commercial rules that we take from one of the top companies which maintain this kind of rules. Our administrators also add custom rules to make sure that your sites shall be shielded from as many risks as possible.

ModSecurity in Semi-dedicated Servers

All semi-dedicated server packages which we offer include ModSecurity and given that the firewall is turned on by default, any Internet site that you set up under a domain or a subdomain shall be protected straight away. An individual section inside the Hepsia CP which comes with the semi-dedicated accounts is dedicated to ModSecurity and it shall allow you to start and stop the firewall for any Internet site or activate a detection mode. With the last option, ModSecurity will not take any action, but it'll still recognize possible attacks and will keep all info inside a log as if it were 100% active. The logs could be found in the same section of the Control Panel and they include info about the IP where an attack came from, what its nature was, what rule ModSecurity applies to detect and stop it, and so forth. The security rules that we employ on our machines are a mix of commercial ones from a security firm and custom ones made by our system admins. For that reason, we offer higher security for your web applications as we can defend them from attacks even before security corporations release updates for completely new threats.

ModSecurity in VPS Servers

Protection is extremely important to us, so we install ModSecurity on all VPS servers that are set up with the Hepsia Control Panel as a standard. The firewall could be managed through a dedicated section in Hepsia and is switched on automatically when you include a new domain or generate a subdomain, so you won't have to do anything by hand. You will also be able to disable it or switch on the so-called detection mode, so it will keep a log of possible attacks that you can later analyze, but will not block them. The logs in both passive and active modes offer information regarding the kind of the attack and how it was stopped, what IP address it came from and other important information that could help you to tighten the security of your Internet sites by updating them or blocking IPs, for instance. In addition to the commercial rules we get for ModSecurity from a third-party security company, we also use our own rules as from time to time we discover specific attacks which are not yet present within the commercial pack. That way, we can improve the security of your VPS right away as opposed to awaiting a certified update.

ModSecurity in Dedicated Servers

ModSecurity is offered by default with all dedicated servers that are set up with the Hepsia CP and is set to “Active” automatically for any domain which you host or subdomain that you create on the web server. In the event that a web application does not work properly, you could either disable the firewall or set it to work in passive mode. The latter means that ModSecurity shall keep a log of any possible attack which could happen, but shall not take any action to prevent it. The logs produced in active or passive mode shall give you more details about the exact file that was attacked, the form of the attack and the IP address it came from, etcetera. This data will allow you to determine what measures you can take to boost the safety of your Internet sites, such as blocking IPs or carrying out script and plugin updates. The ModSecurity rules we use are updated often with a commercial package from a third-party security firm we work with, but from time to time our staff include their own rules too when they come across a new potential threat.