ModSecurity is a powerful web application layer firewall for Apache web servers. It monitors the entire HTTP traffic to an Internet site without affecting its functionality and when it detects an intrusion attempt, it blocks it. The firewall also keeps a more detailed log for the traffic than any server does, so you will be able to keep an eye on what's going on with your websites a lot better than if you rely simply on standard logs. ModSecurity employs security rules based on which it helps prevent attacks. For instance, it identifies if somebody is attempting to log in to the admin area of a particular script a number of times or if a request is sent to execute a file with a certain command. In these circumstances these attempts trigger the corresponding rules and the firewall program blocks the attempts immediately, and then records in-depth details about them within its logs. ModSecurity is among the most effective software firewalls on the market and it can protect your web apps against thousands of threats and vulnerabilities, especially if you don’t update them or their plugins regularly.

ModSecurity in Hosting

ModSecurity can be found with every hosting solution which we offer and it's activated by default for any domain or subdomain that you include through your Hepsia Control Panel. In the event that it disrupts any of your apps or you would like to disable it for some reason, you'll be able to achieve that through the ModSecurity section of Hepsia with simply a mouse click. You may also use a passive mode, so the firewall will detect potential attacks and keep a log, but will not take any action. You'll be able to see extensive logs in the very same section, including the IP address where the attack originated from, exactly what the attacker attempted to do and at what time, what ModSecurity did, and so on. For maximum security of our clients we use a group of commercial firewall rules combined with custom ones that are included by our system administrators.

ModSecurity in Semi-dedicated Servers

ModSecurity is part of our semi-dedicated server plans and if you choose to host your websites with our company, there shall not be anything special you'll need to do as the firewall is turned on by default for all domains and subdomains that you include via your hosting CP. If needed, you could disable ModSecurity for a particular Internet site or enable the so-called detection mode in which case the firewall shall still work and record information, but will not do anything to prevent potential attacks against your Internet sites. Detailed logs will be accessible in your CP and you shall be able to see what type of attacks took place, what security rules were triggered and how the firewall handled the threats, what IP addresses the attacks came from, and so forth. We use two kinds of rules on our servers - commercial ones from a company that operates in the field of web security, and custom ones that our admins sometimes add to respond to newly found threats in a timely manner.

ModSecurity in VPS Servers

Safety is of the utmost importance to us, so we set up ModSecurity on all VPS servers which are made available with the Hepsia CP by default. The firewall could be managed via a dedicated section within Hepsia and is turned on automatically when you include a new domain or create a subdomain, so you won't have to do anything personally. You'll also be able to disable it or switch on the so-called detection mode, so it'll keep a log of possible attacks which you can later analyze, but won't stop them. The logs in both passive and active modes contain information regarding the form of the attack and how it was eliminated, what IP it came from and other useful information which could help you to tighten the security of your Internet sites by updating them or blocking IPs, as an example. Besides the commercial rules we get for ModSecurity from a third-party security firm, we also implement our own rules as every now and then we find specific attacks which aren't yet present within the commercial package. This way, we could improve the security of your VPS promptly rather than waiting for an official update.

ModSecurity in Dedicated Servers

ModSecurity is provided with all dedicated servers which are set up with our Hepsia CP and you'll not need to do anything specific on your end to use it because it's switched on by default each time you add a new domain or subdomain on your hosting server. In the event that it interferes with any of your programs, you will be able to stop it via the respective area of Hepsia, or you can leave it operating in passive mode, so it will recognize attacks and shall still maintain a log for them, but shall not block them. You'll be able to examine the logs later to determine what you can do to increase the security of your Internet sites since you shall find details such as where an intrusion attempt originated from, what website was attacked and based on what rule ModSecurity responded, and so on. The rules we employ are commercial, therefore they're regularly updated by a security firm, but to be on the safe side, our administrators also add custom rules from time to time in order to react to any new threats they have identified.