ModSecurity is a potent web app layer firewall for Apache web servers. It monitors the whole HTTP traffic to a website without affecting its functionality and in case it discovers an intrusion attempt, it blocks it. The firewall also maintains a more comprehensive log for the site visitors than any server does, so you'll be able to keep track of what's going on with your sites much better than if you rely merely on standard logs. ModSecurity uses security rules based on which it stops attacks. For instance, it detects whether somebody is attempting to log in to the administration area of a particular script a number of times or if a request is sent to execute a file with a specific command. In such cases these attempts set off the corresponding rules and the firewall software hinders the attempts in real time, after that records in-depth information about them inside its logs. ModSecurity is one of the most effective software firewalls out there and it can protect your web apps against a huge number of threats and vulnerabilities, particularly if you don’t update them or their plugins frequently.

ModSecurity in Cloud Hosting

ModSecurity can be found with each cloud hosting package which we offer and it is activated by default for every domain or subdomain which you add via your Hepsia Control Panel. If it interferes with any of your apps or you would like to disable it for whatever reason, you shall be able to do that through the ModSecurity section of Hepsia with just a mouse click. You can also enable a passive mode, so the firewall will recognize potential attacks and keep a log, but shall not take any action. You can see comprehensive logs in the very same section, including the IP where the attack originated from, what precisely the attacker tried to do and at what time, what ModSecurity did, and so forth. For optimum security of our clients we use a collection of commercial firewall rules mixed with custom ones that are provided by our system administrators.

ModSecurity in Semi-dedicated Servers

ModSecurity is part of our semi-dedicated server solutions and if you opt to host your sites with our company, there shall not be anything special you'll have to do since the firewall is switched on by default for all domains and subdomains you add through your hosting CP. If required, you'll be able to disable ModSecurity for a particular website or turn on the so-called detection mode in which case the firewall will still function and record info, but won't do anything to stop possible attacks against your sites. Thorough logs shall be readily available within your CP and you will be able to see what type of attacks happened, what security rules were triggered and how the firewall addressed the threats, what Internet protocol addresses the attacks came from, etc. We employ two sorts of rules on our servers - commercial ones from a firm that operates in the field of web security, and custom ones which our admins sometimes include to respond to newly discovered threats promptly.

ModSecurity in VPS Servers

All VPS servers which are offered with the Hepsia Control Panel include ModSecurity. The firewall is set up and turned on by default for all domains which are hosted on the web server, so there shall not be anything special which you will have to do to protect your sites. It shall take you a mouse click to stop ModSecurity if necessary or to activate its passive mode so that it records what goes on without taking any measures to prevent intrusions. You shall be able to view the logs created in active or passive mode via the corresponding section of Hepsia and learn more about the type of the attack, where it originated from, what rule the firewall used to handle it, and so on. We use a mix of commercial and custom rules in order to make sure that ModSecurity shall block out as many risks as possible, consequently improving the protection of your web apps as much as possible.

ModSecurity in Dedicated Servers

ModSecurity is included with all dedicated servers which are integrated with our Hepsia CP and you won't have to do anything specific on your end to employ it as it is enabled by default each time you add a new domain or subdomain on your server. In the event that it interferes with some of your applications, you'll be able to stop it through the respective area of Hepsia, or you could leave it operating in passive mode, so it'll detect attacks and shall still keep a log for them, but won't stop them. You may analyze the logs later to learn what you can do to improve the protection of your websites since you shall find details such as where an intrusion attempt originated from, what Internet site was attacked and based on what rule ModSecurity responded, etcetera. The rules that we use are commercial, thus they're regularly updated by a security firm, but to be on the safe side, our administrators also add custom rules every now and then as to respond to any new threats they have found.