ModSecurity is a powerful web application layer firewall for Apache web servers. It monitors the whole HTTP traffic to an Internet site without affecting its performance and in case it identifies an intrusion attempt, it blocks it. The firewall also keeps a more detailed log for the traffic than any web server does, so you shall be able to keep an eye on what's going on with your Internet sites a lot better than if you rely merely on conventional logs. ModSecurity works with security rules based on which it prevents attacks. For instance, it identifies whether somebody is attempting to log in to the administration area of a given script several times or if a request is sent to execute a file with a specific command. In these cases these attempts set off the corresponding rules and the firewall program hinders the attempts in real time, then records detailed info about them inside its logs. ModSecurity is among the most effective software firewalls out there and it can easily protect your web apps against a huge number of threats and vulnerabilities, particularly in case you don’t update them or their plugins frequently.

ModSecurity in Shared Hosting

ModSecurity can be found with every shared hosting package that we provide and it is turned on by default for any domain or subdomain which you include through your Hepsia Control Panel. If it disrupts any of your programs or you would like to disable it for any reason, you'll be able to achieve that through the ModSecurity section of Hepsia with only a click. You could also activate a passive mode, so the firewall will detect potential attacks and keep a log, but shall not take any action. You can view extensive logs in the exact same section, including the IP address where the attack originated from, exactly what the attacker tried to do and at what time, what ModSecurity did, etc. For maximum safety of our customers we use a set of commercial firewall rules combined with custom ones which are provided by our system administrators.

ModSecurity in Semi-dedicated Servers

All semi-dedicated server packages that we offer come with ModSecurity and since the firewall is enabled by default, any site that you create under a domain or a subdomain shall be protected straight away. An independent section in the Hepsia Control Panel which comes with the semi-dedicated accounts is devoted to ModSecurity and it'll permit you to start and stop the firewall for any Internet site or activate a detection mode. With the last mentioned, ModSecurity will not take any action, but it shall still recognize possible attacks and will keep all information inside a log as if it were fully active. The logs can be found in the same section of the CP and they feature information about the IP where an attack came from, what its nature was, what rule ModSecurity applies to recognize and stop it, and so forth. The security rules we use on our machines are a mix between commercial ones from a security business and custom ones created by our system administrators. As a result, we offer higher security for your web applications as we can shield them from attacks even before security businesses release updates for brand new threats.

ModSecurity in VPS Servers

Safety is vital to us, so we set up ModSecurity on all VPS servers which are provided with the Hepsia CP by default. The firewall can be managed through a dedicated section in Hepsia and is switched on automatically when you add a new domain or create a subdomain, so you'll not have to do anything manually. You shall also be able to deactivate it or turn on the so-called detection mode, so it'll maintain a log of possible attacks that you can later examine, but will not block them. The logs in both passive and active modes contain details regarding the kind of the attack and how it was stopped, what IP address it originated from and other useful information which might help you to tighten the security of your websites by updating them or blocking IPs, as an example. In addition to the commercial rules which we get for ModSecurity from a third-party security company, we also use our own rules since occasionally we identify specific attacks which aren't yet present in the commercial pack. That way, we can easily improve the protection of your Virtual private server instantly as opposed to waiting for an official update.

ModSecurity in Dedicated Servers

ModSecurity comes with all dedicated servers that are integrated with our Hepsia CP and you won't have to do anything specific on your end to use it since it is switched on by default each time you include a new domain or subdomain on your server. In case it interferes with some of your applications, you shall be able to stop it through the respective part of Hepsia, or you may leave it operating in passive mode, so it shall identify attacks and shall still maintain a log for them, but won't prevent them. You may examine the logs later to find out what you can do to increase the protection of your Internet sites since you will find details such as where an intrusion attempt originated from, what site was attacked and in accordance with what rule ModSecurity responded, etc. The rules which we employ are commercial, therefore they're regularly updated by a security company, but to be on the safe side, our admins also add custom rules from time to time in order to react to any new threats they have found.