ModSecurity is a highly effective web application layer firewall for Apache web servers. It monitors the entire HTTP traffic to a website without affecting its operation and if it detects an intrusion attempt, it prevents it. The firewall also keeps a more thorough log for the site visitors than any server does, so you'll be able to keep an eye on what's going on with your Internet sites much better than if you rely simply on conventional logs. ModSecurity works with security rules based on which it stops attacks. For example, it recognizes whether somebody is attempting to log in to the administrator area of a given script a number of times or if a request is sent to execute a file with a particular command. In such situations these attempts set off the corresponding rules and the firewall software hinders the attempts right away, then records in-depth information about them inside its logs. ModSecurity is one of the best software firewalls on the market and it can easily protect your web applications against thousands of threats and vulnerabilities, particularly in case you don’t update them or their plugins often.

ModSecurity in Hosting

ModSecurity comes by default with all hosting solutions which we supply and it'll be switched on automatically for any domain or subdomain that you add/create in your Hepsia hosting CP. The firewall has 3 different modes, so you'll be able to activate and disable it with only a click or set it to detection mode, so it shall maintain a log of all attacks, but it'll not do anything to prevent them. The log for each of your sites shall include in-depth info including the nature of the attack, where it originated from, what action was taken by ModSecurity, etc. The firewall rules that we use are frequently updated and comprise of both commercial ones we get from a third-party security firm and custom ones which our system administrators add in case that they detect a new sort of attacks. This way, the sites you host here shall be a lot more protected without any action expected on your end.

ModSecurity in Semi-dedicated Hosting

All semi-dedicated hosting solutions which we offer include ModSecurity and because the firewall is switched on by default, any website that you set up under a domain or a subdomain shall be secured right from the start. A separate section in the Hepsia Control Panel that comes with the semi-dedicated accounts is devoted to ModSecurity and it will allow you to stop and start the firewall for any site or switch on a detection mode. With the latter, ModSecurity won't take any action, but it will still recognize possible attacks and will keep all information inside a log as if it were fully active. The logs could be found within the same section of the Control Panel and they feature details about the IP where an attack originated from, what its nature was, what rule ModSecurity applies to recognize and stop it, etcetera. The security rules that we use on our web servers are a mix between commercial ones from a security company and custom ones developed by our system admins. For that reason, we offer greater security for your web applications as we can shield them from attacks even before security companies release updates for completely new threats.

ModSecurity in VPS Web Hosting

Safety is essential to us, so we install ModSecurity on all virtual private servers that are made available with the Hepsia Control Panel as a standard. The firewall can be managed through a dedicated section inside Hepsia and is switched on automatically when you include a new domain or generate a subdomain, so you will not have to do anything personally. You shall also be able to disable it or turn on the so-called detection mode, so it shall keep a log of possible attacks which you can later examine, but will not stop them. The logs in both passive and active modes offer information about the type of the attack and how it was eliminated, what IP it came from and other valuable data which might help you to tighten the security of your sites by updating them or blocking IPs, as an example. Besides the commercial rules that we get for ModSecurity from a third-party security firm, we also use our own rules because once in a while we detect specific attacks which are not yet present within the commercial pack. This way, we can improve the protection of your Virtual private server instantly rather than waiting for an official update.

ModSecurity in Dedicated Servers Hosting

ModSecurity is available by default with all dedicated servers that are set up with the Hepsia CP and is set to “Active” automatically for any domain that you host or subdomain you create on the web server. In case that a web app does not operate properly, you may either turn off the firewall or set it to function in passive mode. The latter means that ModSecurity will keep a log of any possible attack which could happen, but will not take any action to stop it. The logs produced in active or passive mode shall present you with more details about the exact file that was attacked, the type of the attack and the IP it originated from, etcetera. This information shall permit you to decide what measures you can take to boost the protection of your sites, including blocking IPs or carrying out script and plugin updates. The ModSecurity rules we employ are updated constantly with a commercial bundle from a third-party security company we work with, but occasionally our administrators add their own rules too in the event that they find a new potential threat.