ModSecurity is a potent web app layer firewall for Apache web servers. It monitors the whole HTTP traffic to a website without affecting its performance and if it discovers an intrusion attempt, it blocks it. The firewall additionally maintains a more comprehensive log for the site visitors than any web server does, so you'll be able to keep track of what is happening with your Internet sites much better than if you rely only on standard logs. ModSecurity works with security rules based on which it helps prevent attacks. For instance, it identifies if somebody is attempting to log in to the administrator area of a given script several times or if a request is sent to execute a file with a specific command. In these situations these attempts set off the corresponding rules and the firewall software hinders the attempts right away, after that records detailed information about them inside its logs. ModSecurity is among the best software firewalls on the market and it can easily protect your web applications against a large number of threats and vulnerabilities, particularly if you don’t update them or their plugins regularly.

ModSecurity in Cloud Hosting

ModSecurity comes standard with all cloud hosting packages that we supply and it'll be turned on automatically for any domain or subdomain which you add/create in your Hepsia hosting CP. The firewall has 3 different modes, so you could activate and disable it with simply a mouse click or set it to detection mode, so it'll maintain a log of all attacks, but it will not do anything to prevent them. The log for each of your sites will include in-depth information such as the nature of the attack, where it came from, what action was taken by ModSecurity, and so forth. The firewall rules which we use are frequently updated and incorporate both commercial ones that we get from a third-party security business and custom ones which our system administrators include in case that they detect a new type of attacks. That way, the Internet sites that you host here shall be much more secure without any action required on your end.

ModSecurity in Semi-dedicated Servers

Any web program which you set up in your new semi-dedicated server account shall be protected by ModSecurity because the firewall comes with all our hosting solutions and is activated by default for any domain and subdomain you add or create using your Hepsia hosting CP. You shall be able to manage ModSecurity via a dedicated section within Hepsia where not simply can you activate or deactivate it completely, but you could also switch on a passive mode, so the firewall won't stop anything, but it will still maintain a record of potential attacks. This requires simply a mouse click and you shall be able to view the logs regardless if ModSecurity is in active or passive mode through the same section - what the attack was and where it came from, how it was taken care of, etc. The firewall employs 2 sets of rules on our servers - a commercial one which we get from a third-party web security firm and a custom one that our admins update manually in order to respond to newly discovered risks as quickly as possible.

ModSecurity in VPS Servers

Safety is of the utmost importance to us, so we set up ModSecurity on all VPS servers that are set up with the Hepsia CP by default. The firewall can be managed through a dedicated section inside Hepsia and is switched on automatically when you add a new domain or create a subdomain, so you'll not need to do anything manually. You shall also be able to disable it or activate the so-called detection mode, so it'll keep a log of potential attacks which you can later study, but won't block them. The logs in both passive and active modes offer details regarding the type of the attack and how it was stopped, what IP it came from and other useful info that may help you to tighten the security of your sites by updating them or blocking IPs, for instance. Besides the commercial rules which we get for ModSecurity from a third-party security enterprise, we also employ our own rules since occasionally we find specific attacks which are not yet present inside the commercial pack. That way, we could improve the security of your Virtual private server immediately rather than waiting for a certified update.

ModSecurity in Dedicated Servers

ModSecurity is offered by default with all dedicated servers which are set up with the Hepsia CP and is set to “Active” automatically for any domain that you host or subdomain that you create on the server. Just in case that a web application doesn't function correctly, you can either disable the firewall or set it to operate in passive mode. The latter means that ModSecurity will maintain a log of any potential attack which might take place, but won't take any action to stop it. The logs created in passive or active mode will offer you additional details about the exact file which was attacked, the nature of the attack and the IP address it originated from, and so on. This info shall permit you to choose what steps you can take to boost the protection of your Internet sites, for instance blocking IPs or performing script and plugin updates. The ModSecurity rules that we use are updated constantly with a commercial bundle from a third-party security enterprise we work with, but from time to time our administrators include their own rules as well in case they identify a new potential threat.