ModSecurity is a potent web app layer firewall for Apache web servers. It monitors the entire HTTP traffic to a website without affecting its performance and in case it identifies an intrusion attempt, it blocks it. The firewall furthermore maintains a more comprehensive log for the website visitors than any web server does, so you will manage to monitor what's going on with your websites a lot better than if you rely only on conventional logs. ModSecurity works with security rules based on which it helps prevent attacks. For instance, it recognizes if someone is trying to log in to the administrator area of a certain script multiple times or if a request is sent to execute a file with a certain command. In such instances these attempts trigger the corresponding rules and the firewall program blocks the attempts in real time, then records in-depth info about them in its logs. ModSecurity is one of the most effective software firewalls available and it can easily protect your web applications against a huge number of threats and vulnerabilities, especially in case you don’t update them or their plugins regularly.

ModSecurity in Cloud Web Hosting

We provide ModSecurity with all cloud web hosting solutions, so your web applications shall be shielded from destructive attacks. The firewall is switched on by default for all domains and subdomains, but if you'd like, you will be able to stop it through the respective part of your Hepsia CP. You'll be able to also switch on a detection mode, so ModSecurity will keep a log as intended, but won't take any action. The logs which you will find within Hepsia are very detailed and include data about the nature of any attack, when it took place and from what IP address, the firewall rule which was triggered, and so on. We employ a group of commercial rules which are often updated, but sometimes our admins add custom rules as well so as to efficiently protect the Internet sites hosted on our machines.

ModSecurity in Semi-dedicated Servers

Any web app that you set up within your new semi-dedicated server account will be protected by ModSecurity since the firewall is provided with all our hosting packages and is activated by default for any domain and subdomain that you include or create via your Hepsia hosting CP. You'll be able to manage ModSecurity through a dedicated section inside Hepsia where not only can you activate or deactivate it entirely, but you could also switch on a passive mode, so the firewall will not block anything, but it will still keep an archive of possible attacks. This takes only a mouse click and you'll be able to see the logs regardless if ModSecurity is in active or passive mode through the same section - what the attack was and where it came from, how it was taken care of, etc. The firewall uses two groups of rules on our machines - a commercial one which we get from a third-party web security firm and a custom one that our administrators update personally in order to respond to recently discovered risks at the earliest opportunity.

ModSecurity in VPS Servers

ModSecurity is provided with all Hepsia-based VPS servers that we offer and it will be switched on automatically for any new domain or subdomain you include on the machine. This way, any web app you install shall be protected right from the start without doing anything manually on your end. The firewall may be managed from the section of the CP which bears the same name. This is the area whereyou could disable ModSecurity or activate its passive mode, so it shall not take any action against threats, but shall still keep a detailed log. The recorded information is available within the same section as well and you shall be able to see what IPs any attacks came from so that you can block them, what the nature of the attempted attacks was and based upon what security rules ModSecurity reacted. The rules that we use on our servers are a blend between commercial ones which we get from a security organization and custom ones which are added by our administrators to optimize the security of any web applications hosted on our end.

ModSecurity in Dedicated Servers

ModSecurity is offered by default with all dedicated servers that are set up with the Hepsia CP and is set to “Active” automatically for any domain you host or subdomain you create on the server. In the event that a web app does not operate properly, you may either turn off the firewall or set it to work in passive mode. The latter means that ModSecurity will maintain a log of any possible attack that might take place, but shall not take any action to prevent it. The logs produced in active or passive mode shall present you with more details about the exact file which was attacked, the form of the attack and the IP it originated from, and so forth. This information will allow you to choose what measures you can take to increase the safety of your sites, such as blocking IPs or carrying out script and plugin updates. The ModSecurity rules that we use are updated constantly with a commercial pack from a third-party security firm we work with, but oftentimes our staff add their own rules too if they identify a new potential threat.