ModSecurity is a highly effective web app layer firewall for Apache web servers. It monitors the whole HTTP traffic to a website without affecting its performance and if it detects an intrusion attempt, it blocks it. The firewall also keeps a more detailed log for the traffic than any server does, so you will be able to keep an eye on what's happening with your websites much better than if you rely merely on standard logs. ModSecurity works with security rules based on which it prevents attacks. For instance, it detects whether somebody is trying to log in to the administrator area of a given script several times or if a request is sent to execute a file with a specific command. In such cases these attempts set off the corresponding rules and the firewall software blocks the attempts right away, and then records in-depth info about them within its logs. ModSecurity is among the very best software firewalls on the market and it can protect your web apps against a large number of threats and vulnerabilities, particularly if you don’t update them or their plugins regularly.

ModSecurity in Cloud Web Hosting

We offer ModSecurity with all cloud web hosting solutions, so your Internet apps will be protected against harmful attacks. The firewall is turned on as standard for all domains and subdomains, but if you would like, you'll be able to stop it using the respective section of your Hepsia CP. You'll be able to also switch on a detection mode, so ModSecurity shall keep a log as intended, but won't take any action. The logs which you will find within Hepsia are very detailed and include info about the nature of any attack, when it transpired and from what IP, the firewall rule which was triggered, etc. We employ a set of commercial rules that are regularly updated, but sometimes our administrators include custom rules as well in order to efficiently protect the websites hosted on our servers.

ModSecurity in Semi-dedicated Servers

Any web program you install inside your new semi-dedicated server account will be protected by ModSecurity since the firewall comes with all our hosting solutions and is turned on by default for any domain and subdomain which you include or create via your Hepsia hosting CP. You'll be able to manage ModSecurity through a dedicated section in Hepsia where not only can you activate or deactivate it completely, but you can also switch on a passive mode, so the firewall won't block anything, but it shall still keep a record of potential attacks. This normally requires only a click and you will be able to view the logs regardless if ModSecurity is in passive or active mode through the same section - what the attack was and where it came from, how it was addressed, and so forth. The firewall employs 2 sets of rules on our servers - a commercial one which we get from a third-party web security firm and a custom one which our admins update manually in order to respond to recently discovered risks at the earliest opportunity.

ModSecurity in VPS Servers

ModSecurity is included with all Hepsia-based VPS servers which we offer and it will be activated automatically for any new domain or subdomain which you include on the web server. This way, any web application that you install will be secured right away without doing anything personally on your end. The firewall may be managed via the section of the Control Panel which bears the same name. This is the location in whichyou could switch off ModSecurity or enable its passive mode, so it will not take any action toward threats, but will still keep a detailed log. The recorded information is available within the same section as well and you will be able to see what IPs any attacks came from so that you block them, what the nature of the attempted attacks was and in accordance with what security rules ModSecurity reacted. The rules that we employ on our servers are a mixture between commercial ones we obtain from a security company and custom ones that are included by our administrators to maximize the security of any web apps hosted on our end.

ModSecurity in Dedicated Servers

ModSecurity is available as standard with all dedicated servers that are set up with the Hepsia Control Panel and is set to “Active” automatically for any domain you host or subdomain which you create on the web server. In case that a web application does not work properly, you can either disable the firewall or set it to operate in passive mode. The second means that ModSecurity will keep a log of any potential attack which could occur, but will not take any action to stop it. The logs produced in passive or active mode will give you additional details about the exact file that was attacked, the type of the attack and the IP it came from, etc. This information shall enable you to determine what steps you can take to enhance the protection of your Internet sites, such as blocking IPs or performing script and plugin updates. The ModSecurity rules that we employ are updated regularly with a commercial package from a third-party security enterprise we work with, but sometimes our administrators add their own rules also when they discover a new potential threat.