ModSecurity is a highly effective web application layer firewall for Apache web servers. It monitors the entire HTTP traffic to a site without affecting its functionality and in case it detects an intrusion attempt, it blocks it. The firewall additionally keeps a more detailed log for the site visitors than any web server does, so you will manage to monitor what is happening with your sites a lot better than if you rely only on conventional logs. ModSecurity uses security rules based on which it helps prevent attacks. For example, it identifies if someone is attempting to log in to the administration area of a given script multiple times or if a request is sent to execute a file with a particular command. In such instances these attempts trigger the corresponding rules and the firewall blocks the attempts immediately, and then records comprehensive info about them in its logs. ModSecurity is among the best software firewalls available and it can protect your web apps against thousands of threats and vulnerabilities, particularly in case you don’t update them or their plugins often.

ModSecurity in Website Hosting

We provide ModSecurity with all website hosting plans, so your web applications shall be shielded from malicious attacks. The firewall is activated by default for all domains and subdomains, but in case you would like, you will be able to stop it through the respective section of your Hepsia Control Panel. You can also switch on a detection mode, so ModSecurity will keep a log as intended, but shall not take any action. The logs that you'll find inside Hepsia are incredibly detailed and offer info about the nature of any attack, when it transpired and from what IP, the firewall rule which was triggered, etcetera. We employ a set of commercial rules which are constantly updated, but sometimes our administrators include custom rules as well in order to better protect the sites hosted on our machines.

ModSecurity in Semi-dedicated Servers

We've integrated ModSecurity by default inside all semi-dedicated server plans, so your web apps will be protected the instant you install them under any domain or subdomain. The Hepsia CP that comes with the semi-dedicated accounts will permit you to switch on or turn off the firewall for any Internet site with a click. You will also be able to switch on a passive detection mode in which ModSecurity shall maintain a log of possible attacks without actually preventing them. The detailed logs contain the nature of the attack and what ModSecurity response this attack generated, where it came from, and so forth. The list of rules which we employ is regularly updated as to match any new risks which may appear on the Internet and it features both commercial rules that we get from a security firm and custom-written ones that our admins add if they find a threat which is not present inside the commercial list yet.

ModSecurity in VPS Servers

ModSecurity comes with all Hepsia-based VPS servers which we offer and it will be turned on automatically for every new domain or subdomain you include on the server. In this way, any web app which you install will be secured from the very beginning without doing anything personally on your end. The firewall can be handled through the section of the CP that has the same name. This is the area in whichyou can disable ModSecurity or let its passive mode, so it shall not take any action against threats, but will still keep a comprehensive log. The recorded data is available in the same section as well and you'll be able to see what IPs any attacks came from to enable you to block them, what the nature of the attempted attacks was and based on what security rules ModSecurity reacted. The rules which we use on our servers are a mixture between commercial ones which we get from a security company and custom ones which are added by our administrators to optimize the protection of any web applications hosted on our end.

ModSecurity in Dedicated Servers

ModSecurity is provided with all dedicated servers which are set up with our Hepsia CP and you won't have to do anything specific on your end to use it since it is activated by default every time you include a new domain or subdomain on your web server. In case it interferes with any of your programs, you will be able to stop it through the respective area of Hepsia, or you may leave it operating in passive mode, so it'll recognize attacks and will still maintain a log for them, but will not prevent them. You can analyze the logs later to learn what you can do to boost the security of your sites since you'll find details such as where an intrusion attempt originated from, what Internet site was attacked and based on what rule ModSecurity reacted, etcetera. The rules which we use are commercial, therefore they are frequently updated by a security firm, but to be on the safe side, our administrators also add custom rules once in a while as to respond to any new threats they have discovered.