ModSecurity is a highly effective web application layer firewall for Apache web servers. It monitors the entire HTTP traffic to an Internet site without affecting its functionality and in case it detects an intrusion attempt, it prevents it. The firewall also keeps a more detailed log for the site visitors than any web server does, so you'll manage to keep an eye on what's going on with your sites a lot better than if you rely simply on conventional logs. ModSecurity uses security rules based on which it helps prevent attacks. For example, it identifies if somebody is attempting to log in to the administration area of a given script several times or if a request is sent to execute a file with a particular command. In such situations these attempts set off the corresponding rules and the firewall program blocks the attempts instantly, and then records in-depth information about them in its logs. ModSecurity is one of the very best software firewalls available and it can easily protect your web apps against many threats and vulnerabilities, especially in case you don’t update them or their plugins frequently.

ModSecurity in Shared Web Hosting

ModSecurity can be found with every shared web hosting solution that we offer and it is switched on by default for any domain or subdomain that you include via your Hepsia Control Panel. In the event that it interferes with any of your apps or you would like to disable it for whatever reason, you will be able to achieve that through the ModSecurity section of Hepsia with simply a click. You may also activate a passive mode, so the firewall will detect possible attacks and maintain a log, but won't take any action. You could view comprehensive logs in the exact same section, including the IP where the attack came from, what precisely the attacker aimed to do and at what time, what ModSecurity did, etcetera. For maximum security of our clients we use a collection of commercial firewall rules mixed with custom ones that are added by our system admins.

ModSecurity in Semi-dedicated Servers

Any web app that you set up in your new semi-dedicated server account shall be protected by ModSecurity as the firewall is provided with all our hosting packages and is turned on by default for any domain and subdomain you include or create using your Hepsia hosting CP. You shall be able to manage ModSecurity through a dedicated area in Hepsia where not only can you activate or deactivate it entirely, but you may also switch on a passive mode, so the firewall will not block anything, but it will still keep a record of possible attacks. This normally requires simply a click and you'll be able to view the logs regardless of if ModSecurity is in passive or active mode through the same section - what the attack was and where it originated from, how it was addressed, and so forth. The firewall employs 2 groups of rules on our machines - a commercial one that we get from a third-party web security firm and a custom one that our admins update manually as to respond to recently discovered risks at the earliest opportunity.

ModSecurity in VPS Servers

Safety is vital to us, so we install ModSecurity on all VPS servers which are provided with the Hepsia CP as a standard. The firewall could be managed through a dedicated section within Hepsia and is turned on automatically when you include a new domain or generate a subdomain, so you will not need to do anything manually. You'll also be able to deactivate it or activate the so-called detection mode, so it'll keep a log of potential attacks that you can later analyze, but won't stop them. The logs in both passive and active modes include details about the form of the attack and how it was eliminated, what IP address it came from and other valuable data that might help you to tighten the security of your sites by updating them or blocking IPs, for example. On top of the commercial rules that we get for ModSecurity from a third-party security enterprise, we also employ our own rules as from time to time we discover specific attacks which are not yet present in the commercial pack. That way, we can improve the protection of your Virtual private server right away as opposed to waiting for a certified update.

ModSecurity in Dedicated Servers

All our dedicated servers which are set up with the Hepsia hosting CP include ModSecurity, so any application you upload or set up will be secured from the very beginning and you will not need to stress about common attacks or vulnerabilities. An independent section within Hepsia will enable you to start or stop the firewall for each and every domain or subdomain, or switch on a detection mode so that it records information about intrusions, but does not take actions to prevent them. What you'll discover in the logs can easily help you to secure your Internet sites better - the IP an attack originated from, what website was attacked and in what way, what ModSecurity rule was triggered, and so forth. With this info, you could see whether a website needs an update, whether you need to block IPs from accessing your web server, and so on. In addition to the third-party commercial security rules for ModSecurity that we use, our admins add custom ones too every time they find a new threat which is not yet in the commercial bundle.