ModSecurity is a highly effective web application layer firewall for Apache web servers. It monitors the entire HTTP traffic to a website without affecting its functionality and if it detects an intrusion attempt, it blocks it. The firewall also keeps a more thorough log for the traffic than any web server does, so you'll be able to keep an eye on what's happening with your websites better than if you rely only on standard logs. ModSecurity uses security rules based on which it prevents attacks. For instance, it identifies if somebody is attempting to log in to the admin area of a certain script a number of times or if a request is sent to execute a file with a specific command. In such circumstances these attempts trigger the corresponding rules and the firewall hinders the attempts in real time, and then records in-depth details about them in its logs. ModSecurity is among the very best software firewalls on the market and it could easily protect your web applications against thousands of threats and vulnerabilities, especially if you don’t update them or their plugins frequently.

ModSecurity in Cloud Hosting

ModSecurity is offered with every single cloud hosting package that we provide and it is turned on by default for any domain or subdomain which you include through your Hepsia Control Panel. In the event that it interferes with any of your apps or you'd like to disable it for any reason, you shall be able to do that through the ModSecurity section of Hepsia with simply a click. You can also use a passive mode, so the firewall will recognize potential attacks and keep a log, but won't take any action. You'll be able to see comprehensive logs in the same section, including the IP where the attack originated from, what exactly the attacker aimed to do and at what time, what ModSecurity did, and so forth. For max safety of our customers we use a group of commercial firewall rules combined with custom ones which are provided by our system administrators.

ModSecurity in Semi-dedicated Servers

We've included ModSecurity as a standard in all semi-dedicated server products, so your web apps shall be protected the instant you install them under any domain or subdomain. The Hepsia CP which comes with the semi-dedicated accounts shall permit you to activate or turn off the firewall for any site with a mouse click. You will also have the ability to turn on a passive detection mode through which ModSecurity will maintain a log of possible attacks without actually preventing them. The thorough logs contain the nature of the attack and what ModSecurity response that attack caused, where it came from, and so on. The list of rules we employ is regularly updated in order to match any new risks that could appear on the Internet and it features both commercial rules that we get from a security corporation and custom-written ones that our administrators add in the event that they find a threat that is not present inside the commercial list yet.

ModSecurity in VPS Servers

ModSecurity is pre-installed on all VPS servers that are set up with the Hepsia hosting Control Panel, so your web programs shall be protected from the moment your server is in a position. The firewall is switched on by default for any domain or subdomain on the Virtual Private Server, but if needed, you could disable it with a mouse click through the corresponding section of Hepsia. You may also set it to operate in detection mode, so it'll keep a detailed log of any potential attacks without taking any action to prevent them. The logs can be found in the very same section and offer details about the nature of the attack, what IP address it came from and what ModSecurity rule was activated to stop it. For best security, we employ not just commercial rules from a business working in the field of web security, but also custom ones which our administrators include manually so as to respond to new threats that are still not addressed in the commercial rules.

ModSecurity in Dedicated Servers

ModSecurity is available by default with all dedicated servers which are set up with the Hepsia CP and is set to “Active” automatically for any domain you host or subdomain which you create on the hosting server. In the event that a web app does not work properly, you may either disable the firewall or set it to operate in passive mode. The latter means that ModSecurity will keep a log of any possible attack that may take place, but won't take any action to stop it. The logs created in active or passive mode shall provide you with additional details about the exact file that was attacked, the type of the attack and the IP it originated from, etc. This info will enable you to decide what measures you can take to increase the protection of your Internet sites, including blocking IPs or performing script and plugin updates. The ModSecurity rules which we employ are updated often with a commercial bundle from a third-party security firm we work with, but sometimes our staff add their own rules also in the event that they come across a new potential threat.