ModSecurity is a potent web application layer firewall for Apache web servers. It monitors the whole HTTP traffic to a site without affecting its operation and if it identifies an intrusion attempt, it prevents it. The firewall furthermore keeps a more detailed log for the traffic than any web server does, so you will manage to monitor what is going on with your Internet sites much better than if you rely merely on conventional logs. ModSecurity works with security rules based on which it prevents attacks. For instance, it recognizes if someone is trying to log in to the administration area of a certain script several times or if a request is sent to execute a file with a particular command. In such situations these attempts set off the corresponding rules and the software blocks the attempts instantly, and then records detailed info about them within its logs. ModSecurity is one of the best software firewalls on the market and it can protect your web applications against a huge number of threats and vulnerabilities, especially if you don’t update them or their plugins frequently.

ModSecurity in Shared Hosting

We provide ModSecurity with all shared hosting solutions, so your web apps will be protected against harmful attacks. The firewall is activated by default for all domains and subdomains, but if you would like, you'll be able to stop it through the respective section of your Hepsia Control Panel. You could also activate a detection mode, so ModSecurity shall keep a log as intended, but will not take any action. The logs which you shall find in Hepsia are very detailed and include data about the nature of any attack, when it occurred and from what IP, the firewall rule which was triggered, etcetera. We employ a set of commercial rules that are regularly updated, but sometimes our admins include custom rules as well so as to better protect the Internet sites hosted on our machines.

ModSecurity in Semi-dedicated Servers

ModSecurity is a part of our semi-dedicated server plans and if you choose to host your Internet sites with us, there shall not be anything special you'll have to do as the firewall is turned on by default for all domains and subdomains you include via your hosting CP. If required, you'll be able to disable ModSecurity for a given Internet site or enable the so-called detection mode in which case the firewall will still function and record information, but shall not do anything to prevent possible attacks against your websites. Thorough logs shall be accessible in your Control Panel and you will be able to see what sort of attacks occurred, what security rules were triggered and how the firewall addressed the threats, what Internet protocol addresses the attacks originated from, and so on. We use 2 kinds of rules on our servers - commercial ones from a firm that operates in the field of web security, and custom made ones that our administrators sometimes add to respond to newly identified risks on time.

ModSecurity in VPS Servers

Protection is essential to us, so we install ModSecurity on all VPS servers which are provided with the Hepsia CP by default. The firewall can be managed through a dedicated section inside Hepsia and is switched on automatically when you include a new domain or create a subdomain, so you'll not need to do anything manually. You will also be able to deactivate it or activate the so-called detection mode, so it shall keep a log of possible attacks which you can later analyze, but will not block them. The logs in both passive and active modes offer information about the form of the attack and how it was stopped, what IP address it originated from and other valuable info that could help you to tighten the security of your websites by updating them or blocking IPs, for example. Beyond the commercial rules that we get for ModSecurity from a third-party security company, we also implement our own rules because every now and then we find specific attacks which are not yet present inside the commercial pack. This way, we could improve the protection of your VPS right away rather than waiting for an official update.

ModSecurity in Dedicated Servers

ModSecurity is provided with all dedicated servers which are integrated with our Hepsia Control Panel and you'll not need to do anything specific on your end to use it because it is switched on by default whenever you add a new domain or subdomain on your web server. In the event that it interferes with any of your applications, you will be able to stop it through the respective area of Hepsia, or you could leave it working in passive mode, so it'll identify attacks and shall still keep a log for them, but won't prevent them. You'll be able to analyze the logs later to find out what you can do to boost the protection of your Internet sites since you will find details such as where an intrusion attempt originated from, what site was attacked and based upon what rule ModSecurity reacted, etcetera. The rules that we employ are commercial, thus they're frequently updated by a security firm, but to be on the safe side, our staff also include custom rules occasionally as to deal with any new threats they have found.