ModSecurity is a powerful web app layer firewall for Apache web servers. It monitors the entire HTTP traffic to a site without affecting its operation and if it discovers an intrusion attempt, it blocks it. The firewall also maintains a more comprehensive log for the traffic than any web server does, so you will be able to monitor what's happening with your websites a lot better than if you rely simply on conventional logs. ModSecurity employs security rules based on which it helps prevent attacks. For instance, it detects whether someone is attempting to log in to the admin area of a given script a number of times or if a request is sent to execute a file with a specific command. In such cases these attempts trigger the corresponding rules and the firewall program blocks the attempts immediately, then records comprehensive details about them within its logs. ModSecurity is one of the most effective software firewalls on the market and it can easily protect your web applications against many threats and vulnerabilities, especially if you don’t update them or their plugins frequently.

ModSecurity in Shared Web Hosting

ModSecurity is available on all shared web hosting machines, so when you decide to host your websites with our firm, they shall be shielded from a wide array of attacks. The firewall is enabled by default for all domains and subdomains, so there will be nothing you shall have to do on your end. You shall be able to stop ModSecurity for any website if needed, or to activate a detection mode, so that all activity will be recorded, but the firewall shall not take any real action. You shall be able to view specific logs through your Hepsia CP including the IP address where the attack came from, what the attacker wanted to do and how ModSecurity handled the threat. As we take the protection of our clients' sites very seriously, we employ a collection of commercial rules that we take from one of the top companies which maintain such rules. Our administrators also add custom rules to make certain that your sites shall be protected against as many threats as possible.

ModSecurity in Semi-dedicated Servers

ModSecurity is a part of our semi-dedicated server plans and if you decide to host your Internet sites with our company, there will not be anything special you'll have to do since the firewall is turned on by default for all domains and subdomains you include via your hosting CP. If required, you could disable ModSecurity for a given website or turn on the so-called detection mode in which case the firewall shall still function and record data, but shall not do anything to stop potential attacks on your Internet sites. Comprehensive logs will be readily available inside your CP and you shall be able to see what type of attacks happened, what security rules were triggered and how the firewall dealt with the threats, what IP addresses the attacks originated from, etcetera. We employ two types of rules on our servers - commercial ones from a business that operates in the field of web security, and customized ones which our admins sometimes add to respond to newly identified risks promptly.

ModSecurity in VPS Servers

ModSecurity is provided with all Hepsia-based VPS servers which we offer and it will be activated automatically for every new domain or subdomain which you include on the machine. In this way, any web app which you install shall be protected from the very beginning without doing anything manually on your end. The firewall may be managed through the section of the Control Panel that has the same name. This is the area in whichyou can turn off ModSecurity or let its passive mode, so it will not take any action towards threats, but will still keep a thorough log. The recorded info is available inside the same area as well and you'll be able to see what IPs any attacks came from so that you can block them, what the nature of the attempted attacks was and in accordance with what security rules ModSecurity reacted. The rules that we employ on our servers are a blend between commercial ones which we get from a security organization and custom ones which are added by our admins to maximize the security of any web applications hosted on our end.

ModSecurity in Dedicated Servers

ModSecurity is offered as standard with all dedicated servers which are set up with the Hepsia Control Panel and is set to “Active” automatically for any domain that you host or subdomain which you create on the server. In case that a web app doesn't operate correctly, you may either disable the firewall or set it to work in passive mode. The second means that ModSecurity shall keep a log of any possible attack that might happen, but will not take any action to stop it. The logs produced in active or passive mode will provide you with more details about the exact file which was attacked, the type of the attack and the IP it originated from, and so on. This data shall enable you to choose what actions you can take to enhance the safety of your Internet sites, for instance blocking IPs or performing script and plugin updates. The ModSecurity rules we use are updated regularly with a commercial pack from a third-party security provider we work with, but from time to time our admins include their own rules also in case they come across a new potential threat.