ModSecurity is a potent web application layer firewall for Apache web servers. It monitors the whole HTTP traffic to a site without affecting its overall performance and in case it detects an intrusion attempt, it blocks it. The firewall furthermore keeps a more detailed log for the traffic than any server does, so you'll be able to monitor what is happening with your websites much better than if you rely simply on conventional logs. ModSecurity works with security rules based on which it helps prevent attacks. For instance, it detects whether someone is attempting to log in to the admin area of a specific script a number of times or if a request is sent to execute a file with a particular command. In such cases these attempts trigger the corresponding rules and the firewall software hinders the attempts right away, then records in-depth details about them in its logs. ModSecurity is one of the best software firewalls available and it can easily protect your web apps against a large number of threats and vulnerabilities, particularly in case you don’t update them or their plugins frequently.

ModSecurity in Shared Web Hosting

ModSecurity can be found with every single shared web hosting package that we offer and it is activated by default for every domain or subdomain which you add via your Hepsia Control Panel. In the event that it interferes with any of your programs or you'd like to disable it for any reason, you'll be able to achieve that through the ModSecurity section of Hepsia with simply a click. You can also enable a passive mode, so the firewall will detect possible attacks and keep a log, but won't take any action. You could see detailed logs in the exact same section, including the IP address where the attack came from, what precisely the attacker tried to do and at what time, what ModSecurity did, etcetera. For optimum security of our customers we use a collection of commercial firewall rules mixed with custom ones that are provided by our system admins.

ModSecurity in Semi-dedicated Servers

All semi-dedicated server packages which we offer come with ModSecurity and since the firewall is switched on by default, any website that you build under a domain or a subdomain shall be protected straight away. An individual section in the Hepsia Control Panel that comes with the semi-dedicated accounts is dedicated to ModSecurity and it shall permit you to start and stop the firewall for any website or switch on a detection mode. With the last mentioned, ModSecurity will not take any action, but it shall still detect possible attacks and shall keep all information in a log as if it were 100% active. The logs can be found within the same section of the CP and they offer details about the IP where an attack originated from, what its nature was, what rule ModSecurity applies to detect and stop it, etc. The security rules we use on our machines are a mix between commercial ones from a security firm and custom ones created by our system admins. For that reason, we offer greater security for your web programs as we can defend them from attacks even before security businesses release updates for completely new threats.

ModSecurity in VPS Servers

All VPS servers which are provided with the Hepsia CP come with ModSecurity. The firewall is set up and activated by default for all domains which are hosted on the server, so there will not be anything special that you shall have to do to protect your websites. It will take you just a click to stop ModSecurity if required or to turn on its passive mode so that it records what happens without taking any measures to prevent intrusions. You shall be able to look at the logs generated in active or passive mode from the corresponding section of Hepsia and discover more about the type of the attack, where it came from, what rule the firewall used to tackle it, etcetera. We use a combination of commercial and custom rules so as to make sure that ModSecurity shall block out as many threats as possible, thus boosting the security of your web applications as much as possible.

ModSecurity in Dedicated Servers

ModSecurity is included with all dedicated servers that are set up with our Hepsia CP and you'll not need to do anything specific on your end to employ it since it's turned on by default whenever you include a new domain or subdomain on your hosting server. In the event that it interferes with any of your apps, you will be able to stop it via the respective area of Hepsia, or you could leave it operating in passive mode, so it shall identify attacks and shall still keep a log for them, but won't stop them. You could analyze the logs later to find out what you can do to improve the safety of your Internet sites as you shall find info such as where an intrusion attempt originated from, what Internet site was attacked and based upon what rule ModSecurity reacted, and so on. The rules which we use are commercial, hence they are frequently updated by a security company, but to be on the safe side, our admins also add custom rules from time to time as to deal with any new threats they have found.