ModSecurity is a potent web application layer firewall for Apache web servers. It monitors the entire HTTP traffic to a website without affecting its performance and in case it discovers an intrusion attempt, it prevents it. The firewall additionally keeps a more comprehensive log for the traffic than any web server does, so you'll be able to keep track of what's happening with your Internet sites much better than if you rely merely on conventional logs. ModSecurity works with security rules based on which it prevents attacks. For example, it identifies if somebody is trying to log in to the administration area of a specific script a number of times or if a request is sent to execute a file with a certain command. In such situations these attempts set off the corresponding rules and the firewall program blocks the attempts immediately, and then records comprehensive info about them within its logs. ModSecurity is amongst the most effective software firewalls available and it can protect your web applications against a large number of threats and vulnerabilities, particularly in case you don’t update them or their plugins often.

ModSecurity in Cloud Hosting

We provide ModSecurity with all cloud hosting solutions, so your web apps shall be resistant to harmful attacks. The firewall is turned on as standard for all domains and subdomains, but if you would like, you'll be able to stop it using the respective part of your Hepsia Control Panel. You can also switch on a detection mode, so ModSecurity shall keep a log as intended, but shall not take any action. The logs which you'll find inside Hepsia are very detailed and offer data about the nature of any attack, when it happened and from what IP, the firewall rule which was triggered, and so forth. We use a set of commercial rules which are often updated, but sometimes our admins include custom rules as well so as to better protect the sites hosted on our machines.

ModSecurity in Semi-dedicated Servers

We've included ModSecurity as a standard within all semi-dedicated server products, so your web apps shall be protected the instant you set them up under any domain or subdomain. The Hepsia Control Panel that is included with the semi-dedicated accounts will permit you to activate or disable the firewall for any site with a click. You shall also have the ability to activate a passive detection mode in which ModSecurity shall keep a log of potential attacks without actually stopping them. The thorough logs contain the nature of the attack and what ModSecurity response that attack triggered, where it originated from, etcetera. The list of rules we use is frequently updated as to match any new threats that may appear on the Internet and it consists of both commercial rules that we get from a security firm and custom-written ones that our admins include in the event that they discover a threat which is not present in the commercial list yet.

ModSecurity in VPS Servers

All VPS servers that are set up with the Hepsia CP come with ModSecurity. The firewall is set up and switched on by default for all domains which are hosted on the server, so there shall not be anything special which you'll have to do to protect your websites. It will take you a mouse click to stop ModSecurity if necessary or to turn on its passive mode so that it records what happens without taking any actions to stop intrusions. You'll be able to look at the logs generated in active or passive mode via the corresponding section of Hepsia and find out more about the form of the attack, where it originated from, what rule the firewall employed to tackle it, etcetera. We use a mix of commercial and custom rules in order to make sure that ModSecurity shall prevent as many risks as possible, therefore boosting the protection of your web apps as much as possible.

ModSecurity in Dedicated Servers

ModSecurity is provided by default with all dedicated servers which are set up with the Hepsia CP and is set to “Active” automatically for any domain you host or subdomain you create on the hosting server. In the event that a web application does not function properly, you can either turn off the firewall or set it to function in passive mode. The latter means that ModSecurity shall keep a log of any potential attack which could take place, but shall not take any action to prevent it. The logs created in active or passive mode will present you with more details about the exact file which was attacked, the type of the attack and the IP it originated from, etcetera. This information shall allow you to choose what measures you can take to boost the protection of your Internet sites, for instance blocking IPs or carrying out script and plugin updates. The ModSecurity rules we use are updated constantly with a commercial package from a third-party security firm we work with, but sometimes our staff include their own rules too if they come across a new potential threat.