ModSecurity is a highly effective web application layer firewall for Apache web servers. It monitors the entire HTTP traffic to a site without affecting its functionality and when it detects an intrusion attempt, it prevents it. The firewall additionally keeps a more thorough log for the traffic than any server does, so you shall be able to keep an eye on what's going on with your websites a lot better than if you rely only on standard logs. ModSecurity uses security rules based on which it stops attacks. For example, it recognizes if anyone is trying to log in to the administration area of a specific script a number of times or if a request is sent to execute a file with a certain command. In these circumstances these attempts set off the corresponding rules and the firewall blocks the attempts immediately, and then records detailed details about them within its logs. ModSecurity is among the most effective software firewalls on the market and it can easily protect your web apps against a huge number of threats and vulnerabilities, particularly in case you don’t update them or their plugins frequently.

ModSecurity in Cloud Hosting

We offer ModSecurity with all cloud hosting solutions, so your Internet applications will be shielded from harmful attacks. The firewall is activated by default for all domains and subdomains, but if you'd like, you'll be able to stop it through the respective part of your Hepsia CP. You'll be able to also switch on a detection mode, so ModSecurity shall keep a log as intended, but will not take any action. The logs which you'll discover within Hepsia are very detailed and feature information about the nature of any attack, when it transpired and from what IP address, the firewall rule that was triggered, etcetera. We employ a set of commercial rules which are constantly updated, but sometimes our admins add custom rules as well in order to better protect the Internet sites hosted on our servers.

ModSecurity in Semi-dedicated Hosting

ModSecurity is a part of our semi-dedicated hosting solutions and if you opt to host your websites with our company, there will not be anything special you will have to do since the firewall is turned on by default for all domains and subdomains you include via your hosting CP. If required, you could disable ModSecurity for a particular Internet site or switch on the so-called detection mode in which case the firewall will still work and record information, but will not do anything to stop possible attacks on your sites. Thorough logs shall be available inside your CP and you shall be able to see which kind of attacks took place, what security rules were triggered and how the firewall dealt with the threats, what IP addresses the attacks originated from, and so on. We employ 2 types of rules on our servers - commercial ones from a company that operates in the field of web security, and custom ones that our admins sometimes include to respond to newly identified risks promptly.

ModSecurity in VPS

ModSecurity is pre-installed on all virtual private servers that are provided with the Hepsia hosting Control Panel, so your web applications shall be secured from the second your server is ready. The firewall is switched on by default for any domain or subdomain on the Virtual Private Server, but if needed, you'll be able to deactivate it with a click from the corresponding section of Hepsia. You could also set it to function in detection mode, so it shall maintain a detailed log of any possible attacks without taking any action to prevent them. The logs can be found within the very same section and include information regarding the nature of the attack, what IP it came from and what ModSecurity rule was activated to stop it. For maximum security, we employ not just commercial rules from a business operating in the field of web security, but also custom ones which our administrators add manually in order to react to new risks which are still not addressed in the commercial rules.

ModSecurity in Dedicated Hosting

ModSecurity is provided as standard with all dedicated servers that are set up with the Hepsia CP and is set to “Active” automatically for any domain that you host or subdomain which you create on the web server. In case that a web application does not function correctly, you could either turn off the firewall or set it to operate in passive mode. The latter means that ModSecurity will keep a log of any possible attack which could take place, but shall not take any action to prevent it. The logs generated in active or passive mode will offer you additional details about the exact file which was attacked, the nature of the attack and the IP it originated from, and so forth. This info will allow you to determine what measures you can take to increase the protection of your sites, such as blocking IPs or performing script and plugin updates. The ModSecurity rules that we employ are updated often with a commercial pack from a third-party security company we work with, but occasionally our admins include their own rules also if they come across a new potential threat.