ModSecurity is a potent web app layer firewall for Apache web servers. It monitors the whole HTTP traffic to a website without affecting its functionality and in case it identifies an intrusion attempt, it blocks it. The firewall furthermore keeps a more comprehensive log for the traffic than any web server does, so you will manage to monitor what's going on with your websites better than if you rely only on standard logs. ModSecurity uses security rules based on which it stops attacks. For instance, it identifies whether anyone is trying to log in to the administration area of a given script several times or if a request is sent to execute a file with a certain command. In such cases these attempts trigger the corresponding rules and the software hinders the attempts right away, after that records in-depth details about them in its logs. ModSecurity is among the most effective software firewalls out there and it can easily protect your web apps against thousands of threats and vulnerabilities, especially in case you don’t update them or their plugins frequently.

ModSecurity in Shared Hosting

ModSecurity comes standard with all shared hosting solutions that we provide and it shall be switched on automatically for any domain or subdomain you add/create inside your Hepsia hosting Control Panel. The firewall has three different modes, so you can activate and deactivate it with simply a mouse click or set it to detection mode, so it shall maintain a log of all attacks, but it shall not do anything to prevent them. The log for any of your sites will feature elaborate information which includes the nature of the attack, where it originated from, what action was taken by ModSecurity, etc. The firewall rules which we use are frequently updated and include both commercial ones we get from a third-party security business and custom ones our system admins add in the event that they detect a new type of attacks. This way, the websites which you host here will be far more secure without any action expected on your end.

ModSecurity in Semi-dedicated Servers

All semi-dedicated server plans that we offer come with ModSecurity and given that the firewall is switched on by default, any Internet site you create under a domain or a subdomain will be secured right from the start. An individual section inside the Hepsia Control Panel which comes with the semi-dedicated accounts is dedicated to ModSecurity and it'll permit you to stop and start the firewall for any Internet site or enable a detection mode. With the latter, ModSecurity will not take any action, but it'll still identify possible attacks and shall keep all info inside a log as if it were fully active. The logs can be found inside the very same section of the Control Panel and they feature specifics about the IP where an attack originated from, what its nature was, what rule ModSecurity applies to recognize and stop it, and so forth. The security rules that we employ on our servers are a mix of commercial ones from a security company and custom ones created by our system admins. Consequently, we provide higher security for your web apps as we can protect them from attacks even before security businesses release updates for brand new threats.

ModSecurity in VPS Servers

ModSecurity is pre-installed on all VPS servers that are provided with the Hepsia hosting CP, so your web apps will be protected from the moment your server is ready. The firewall is turned on by default for any domain or subdomain on the VPS, but if required, you can disable it with a click of your mouse from the corresponding section of Hepsia. You could also set it to operate in detection mode, so it shall maintain an extensive log of any possible attacks without taking any action to prevent them. The logs are available within the same section and provide info about the nature of the attack, what IP address it originated from and what ModSecurity rule was activated to stop it. For best security, we use not just commercial rules from a business operating in the field of web security, but also custom ones our admins add personally so as to react to new risks which are still not tackled in the commercial rules.

ModSecurity in Dedicated Servers

ModSecurity is available as standard with all dedicated servers that are set up with the Hepsia CP and is set to “Active” automatically for any domain which you host or subdomain that you create on the server. Just in case that a web application doesn't work correctly, you can either switch off the firewall or set it to work in passive mode. The latter means that ModSecurity shall maintain a log of any possible attack which could happen, but shall not take any action to stop it. The logs generated in active or passive mode shall present you with more details about the exact file which was attacked, the nature of the attack and the IP address it came from, etcetera. This data shall allow you to choose what steps you can take to improve the security of your websites, for instance blocking IPs or performing script and plugin updates. The ModSecurity rules we use are updated frequently with a commercial package from a third-party security firm we work with, but occasionally our administrators include their own rules also in the event that they come across a new potential threat.