ModSecurity is a highly effective web application layer firewall for Apache web servers. It monitors the entire HTTP traffic to a site without affecting its performance and when it detects an intrusion attempt, it blocks it. The firewall also keeps a more thorough log for the site visitors than any server does, so you'll be able to monitor what is going on with your websites much better than if you rely merely on conventional logs. ModSecurity employs security rules based on which it prevents attacks. For example, it identifies if anyone is attempting to log in to the administration area of a given script a number of times or if a request is sent to execute a file with a certain command. In these circumstances these attempts trigger the corresponding rules and the firewall hinders the attempts in real time, and then records detailed info about them inside its logs. ModSecurity is among the best software firewalls on the market and it can protect your web apps against many threats and vulnerabilities, especially if you don’t update them or their plugins frequently.

ModSecurity in Cloud Hosting

ModSecurity is available on all cloud hosting machines, so when you choose to host your Internet sites with our company, they will be shielded from a wide array of attacks. The firewall is turned on as standard for all domains and subdomains, so there'll be nothing you shall have to do on your end. You shall be able to stop ModSecurity for any site if required, or to activate a detection mode, so all activity will be recorded, but the firewall will not take any real action. You shall be able to view comprehensive logs through your Hepsia Control Panel including the IP where the attack originated from, what the attacker wanted to do and how ModSecurity handled the threat. Since we take the security of our clients' websites seriously, we use a group of commercial rules that we take from one of the leading companies which maintain this type of rules. Our administrators also include custom rules to ensure that your sites shall be shielded from as many threats as possible.

ModSecurity in Semi-dedicated Servers

ModSecurity is part of our semi-dedicated server plans and if you choose to host your websites with us, there shall not be anything special you'll need to do as the firewall is turned on by default for all domains and subdomains that you add using your hosting CP. If necessary, you could disable ModSecurity for a certain website or enable the so-called detection mode in which case the firewall will still function and record data, but shall not do anything to stop possible attacks on your Internet sites. Thorough logs will be accessible within your CP and you will be able to see what sort of attacks occurred, what security rules were triggered and how the firewall addressed the threats, what IP addresses the attacks came from, and so forth. We use two sorts of rules on our servers - commercial ones from an organization which operates in the field of web security, and custom made ones which our admins occasionally add to respond to newly found risks on time.

ModSecurity in VPS Servers

ModSecurity is pre-installed on all VPS servers that are provided with the Hepsia hosting CP, so your web apps shall be protected from the instant your server is ready. The firewall is switched on by default for any domain or subdomain on the Virtual Private Server, but if required, you'll be able to disable it with a click via the corresponding section of Hepsia. You could also set it to operate in detection mode, so it will keep a comprehensive log of any potential attacks without taking any action to stop them. The logs are available in the exact same section and include info about the nature of the attack, what IP it came from and what ModSecurity rule was activated to stop it. For optimum security, we employ not only commercial rules from a business operating in the field of web security, but also custom ones our administrators add personally in order to react to new risks which are still not addressed in the commercial rules.

ModSecurity in Dedicated Servers

ModSecurity is offered as standard with all dedicated servers which are set up with the Hepsia Control Panel and is set to “Active” automatically for any domain you host or subdomain you create on the server. In case that a web app does not work correctly, you may either disable the firewall or set it to operate in passive mode. The second means that ModSecurity will keep a log of any potential attack that could happen, but will not take any action to stop it. The logs created in active or passive mode will present you with additional details about the exact file which was attacked, the type of the attack and the IP it originated from, and so forth. This information shall permit you to determine what measures you can take to improve the protection of your Internet sites, including blocking IPs or performing script and plugin updates. The ModSecurity rules we use are updated regularly with a commercial pack from a third-party security firm we work with, but sometimes our administrators include their own rules too if they find a new potential threat.