ModSecurity is a potent web application layer firewall for Apache web servers. It monitors the entire HTTP traffic to a site without affecting its performance and when it detects an intrusion attempt, it prevents it. The firewall also keeps a more thorough log for the website visitors than any web server does, so you will be able to keep track of what's happening with your websites a lot better than if you rely merely on standard logs. ModSecurity employs security rules based on which it helps prevent attacks. For instance, it identifies if anyone is trying to log in to the admin area of a given script a number of times or if a request is sent to execute a file with a specific command. In such circumstances these attempts set off the corresponding rules and the firewall hinders the attempts right away, and then records comprehensive information about them inside its logs. ModSecurity is among the most effective software firewalls available and it can easily protect your web apps against a huge number of threats and vulnerabilities, especially in case you don’t update them or their plugins regularly.

ModSecurity in Cloud Hosting

ModSecurity is available on all cloud hosting web servers, so if you decide to host your Internet sites with our business, they'll be resistant to an array of attacks. The firewall is enabled by default for all domains and subdomains, so there'll be nothing you shall have to do on your end. You'll be able to stop ModSecurity for any Internet site if necessary, or to enable a detection mode, so all activity will be recorded, but the firewall shall not take any real action. You'll be able to view comprehensive logs via your Hepsia Control Panel including the IP where the attack came from, what the attacker wanted to do and how ModSecurity addressed the threat. As we take the protection of our clients' websites seriously, we use a selection of commercial rules which we take from one of the best firms that maintain this kind of rules. Our administrators also add custom rules to make certain that your sites shall be shielded from as many threats as possible.

ModSecurity in Semi-dedicated Servers

ModSecurity is a part of our semi-dedicated server plans and if you choose to host your sites with us, there will not be anything special you'll need to do as the firewall is turned on by default for all domains and subdomains that you add via your hosting Control Panel. If necessary, you can disable ModSecurity for a particular site or enable the so-called detection mode in which case the firewall will still function and record data, but shall not do anything to prevent potential attacks against your Internet sites. Thorough logs shall be available within your Control Panel and you will be able to see which kind of attacks occurred, what security rules were triggered and how the firewall addressed the threats, what Internet protocol addresses the attacks came from, etc. We employ 2 sorts of rules on our servers - commercial ones from an organization which operates in the field of web security, and customized ones which our administrators sometimes include to respond to newly found risks on time.

ModSecurity in VPS Servers

Security is of the utmost importance to us, so we set up ModSecurity on all VPS servers which are set up with the Hepsia CP as a standard. The firewall could be managed via a dedicated section inside Hepsia and is turned on automatically when you add a new domain or create a subdomain, so you won't need to do anything personally. You shall also be able to disable it or turn on the so-called detection mode, so it shall keep a log of possible attacks that you can later analyze, but won't stop them. The logs in both passive and active modes include info about the kind of the attack and how it was prevented, what IP it came from and other valuable information that might help you to tighten the security of your websites by updating them or blocking IPs, for instance. In addition to the commercial rules that we get for ModSecurity from a third-party security enterprise, we also use our own rules as every now and then we identify specific attacks that aren't yet present in the commercial pack. That way, we can enhance the protection of your VPS instantly as opposed to awaiting a certified update.

ModSecurity in Dedicated Servers

ModSecurity is offered by default with all dedicated servers that are set up with the Hepsia CP and is set to “Active” automatically for any domain you host or subdomain that you create on the hosting server. Just in case that a web app does not function properly, you can either turn off the firewall or set it to work in passive mode. The latter means that ModSecurity shall maintain a log of any potential attack which may take place, but will not take any action to stop it. The logs produced in passive or active mode will provide you with more details about the exact file that was attacked, the nature of the attack and the IP address it came from, and so forth. This data will allow you to choose what measures you can take to increase the protection of your Internet sites, including blocking IPs or carrying out script and plugin updates. The ModSecurity rules we employ are updated regularly with a commercial pack from a third-party security enterprise we work with, but occasionally our staff add their own rules too when they identify a new potential threat.