ModSecurity is a highly effective web application layer firewall for Apache web servers. It monitors the entire HTTP traffic to a site without affecting its performance and when it detects an intrusion attempt, it blocks it. The firewall also maintains a more comprehensive log for the website visitors than any server does, so you will manage to keep an eye on what is going on with your Internet sites a lot better than if you rely merely on conventional logs. ModSecurity uses security rules based on which it stops attacks. For instance, it identifies whether anyone is trying to log in to the admin area of a particular script multiple times or if a request is sent to execute a file with a specific command. In these circumstances these attempts set off the corresponding rules and the firewall blocks the attempts in real time, then records comprehensive details about them inside its logs. ModSecurity is amongst the most effective software firewalls out there and it can easily protect your web apps against thousands of threats and vulnerabilities, especially in case you don’t update them or their plugins often.

ModSecurity in Web Hosting

ModSecurity comes by default with all web hosting plans that we offer and it will be turned on automatically for any domain or subdomain that you add/create within your Hepsia hosting CP. The firewall has three different modes, so you'll be able to switch on and disable it with simply a mouse click or set it to detection mode, so it'll keep a log of all attacks, but it'll not do anything to stop them. The log for each of your sites shall feature in-depth info such as the nature of the attack, where it came from, what action was taken by ModSecurity, and so on. The firewall rules that we use are frequently updated and comprise of both commercial ones which we get from a third-party security business and custom ones which our system administrators add in the event that they detect a new sort of attacks. That way, the Internet sites you host here will be way more secure without any action required on your end.

ModSecurity in Semi-dedicated Hosting

Any web program you install in your new semi-dedicated hosting account shall be protected by ModSecurity as the firewall is provided with all our hosting plans and is activated by default for any domain and subdomain which you include or create using your Hepsia hosting Control Panel. You will be able to manage ModSecurity through a dedicated section in Hepsia where not only can you activate or deactivate it entirely, but you can also activate a passive mode, so the firewall won't stop anything, but it shall still maintain a record of potential attacks. This requires simply a click and you will be able to look at the logs regardless if ModSecurity is in active or passive mode through the same section - what the attack was and where it originated from, how it was addressed, etc. The firewall uses 2 groups of rules on our machines - a commercial one that we get from a third-party web security provider and a custom one which our admins update manually as to respond to newly discovered threats as fast as possible.

ModSecurity in VPS

Safety is extremely important to us, so we set up ModSecurity on all virtual private servers that are set up with the Hepsia CP as a standard. The firewall could be managed via a dedicated section in Hepsia and is activated automatically when you include a new domain or create a subdomain, so you will not need to do anything manually. You will also be able to disable it or switch on the so-called detection mode, so it'll keep a log of potential attacks you can later study, but shall not stop them. The logs in both passive and active modes include details regarding the type of the attack and how it was eliminated, what IP address it originated from and other valuable info that may help you to tighten the security of your websites by updating them or blocking IPs, as an example. Besides the commercial rules we get for ModSecurity from a third-party security enterprise, we also implement our own rules since occasionally we detect specific attacks that are not yet present in the commercial pack. That way, we can increase the security of your VPS instantly instead of awaiting a certified update.

ModSecurity in Dedicated Hosting

ModSecurity is offered as standard with all dedicated servers which are set up with the Hepsia CP and is set to “Active” automatically for any domain which you host or subdomain you create on the web server. In the event that a web application does not work correctly, you can either turn off the firewall or set it to work in passive mode. The second means that ModSecurity shall maintain a log of any potential attack which may occur, but won't take any action to prevent it. The logs created in active or passive mode will give you more details about the exact file that was attacked, the type of the attack and the IP address it came from, etc. This information shall enable you to decide what steps you can take to improve the security of your sites, such as blocking IPs or carrying out script and plugin updates. The ModSecurity rules we use are updated constantly with a commercial bundle from a third-party security provider we work with, but sometimes our admins include their own rules too if they come across a new potential threat.