ModSecurity is a potent web application layer firewall for Apache web servers. It monitors the entire HTTP traffic to a site without affecting its overall performance and in case it identifies an intrusion attempt, it prevents it. The firewall additionally maintains a more detailed log for the website visitors than any server does, so you will manage to monitor what's happening with your websites much better than if you rely only on standard logs. ModSecurity works with security rules based on which it helps prevent attacks. For example, it identifies if someone is trying to log in to the administrator area of a particular script several times or if a request is sent to execute a file with a particular command. In these circumstances these attempts set off the corresponding rules and the firewall hinders the attempts right away, then records in-depth information about them within its logs. ModSecurity is among the most effective software firewalls on the market and it can easily protect your web apps against thousands of threats and vulnerabilities, particularly if you don’t update them or their plugins often.

ModSecurity in Shared Hosting

ModSecurity comes standard with all shared hosting solutions that we supply and it'll be turned on automatically for any domain or subdomain that you add/create inside your Hepsia hosting CP. The firewall has 3 different modes, so you can activate and disable it with just a mouse click or set it to detection mode, so it shall keep a log of all attacks, but it will not do anything to prevent them. The log for any of your Internet sites shall contain detailed info which includes the nature of the attack, where it originated from, what action was taken by ModSecurity, etcetera. The firewall rules that we use are frequently updated and incorporate both commercial ones which we get from a third-party security firm and custom ones our system admins include in the event that they detect a new type of attacks. That way, the websites you host here will be much more protected with no action required on your end.

ModSecurity in Semi-dedicated Servers

All semi-dedicated server packages that we offer come with ModSecurity and because the firewall is turned on by default, any website which you create under a domain or a subdomain will be secured right away. An individual section within the Hepsia Control Panel that comes with the semi-dedicated accounts is dedicated to ModSecurity and it shall permit you to stop and start the firewall for any Internet site or switch on a detection mode. With the latter, ModSecurity won't take any action, but it'll still identify possible attacks and shall keep all information in a log as if it were fully active. The logs could be found within the very same section of the Control Panel and they include info about the IP where an attack came from, what its nature was, what rule ModSecurity applies to identify and stop it, and so on. The security rules that we use on our servers are a mix between commercial ones from a security company and custom ones made by our system administrators. Consequently, we offer increased security for your web programs as we can defend them from attacks even before security corporations release updates for brand new threats.

ModSecurity in VPS Servers

Protection is very important to us, so we install ModSecurity on all VPS servers which are set up with the Hepsia Control Panel by default. The firewall could be managed through a dedicated section inside Hepsia and is turned on automatically when you add a new domain or generate a subdomain, so you won't have to do anything manually. You'll also be able to disable it or activate the so-called detection mode, so it'll keep a log of potential attacks that you can later study, but won't stop them. The logs in both passive and active modes contain information about the form of the attack and how it was prevented, what IP address it came from and other valuable data which could help you to tighten the security of your websites by updating them or blocking IPs, as an example. On top of the commercial rules which we get for ModSecurity from a third-party security firm, we also implement our own rules since from time to time we identify specific attacks that are not yet present within the commercial pack. This way, we could increase the security of your VPS promptly as opposed to awaiting an official update.

ModSecurity in Dedicated Servers

ModSecurity is available as standard with all dedicated servers that are set up with the Hepsia Control Panel and is set to “Active” automatically for any domain that you host or subdomain you create on the web server. In case that a web app doesn't operate correctly, you could either disable the firewall or set it to operate in passive mode. The latter means that ModSecurity shall keep a log of any possible attack that may happen, but won't take any action to prevent it. The logs generated in passive or active mode will give you more details about the exact file which was attacked, the nature of the attack and the IP it originated from, etcetera. This data will permit you to determine what steps you can take to increase the security of your Internet sites, such as blocking IPs or carrying out script and plugin updates. The ModSecurity rules which we use are updated constantly with a commercial pack from a third-party security firm we work with, but oftentimes our administrators add their own rules also when they identify a new potential threat.