ModSecurity is a powerful web application layer firewall for Apache web servers. It monitors the whole HTTP traffic to an Internet site without affecting its overall performance and when it identifies an intrusion attempt, it blocks it. The firewall furthermore keeps a more thorough log for the website visitors than any server does, so you will be able to keep an eye on what's going on with your sites better than if you rely simply on conventional logs. ModSecurity works with security rules based on which it prevents attacks. For example, it recognizes if someone is attempting to log in to the admin area of a certain script a number of times or if a request is sent to execute a file with a particular command. In these circumstances these attempts set off the corresponding rules and the firewall hinders the attempts in real time, after that records detailed information about them inside its logs. ModSecurity is one of the most effective software firewalls on the market and it can easily protect your web applications against many threats and vulnerabilities, particularly if you don’t update them or their plugins regularly.

ModSecurity in Shared Website Hosting

ModSecurity comes by default with all shared website hosting solutions that we offer and it'll be activated automatically for any domain or subdomain that you add/create within your Hepsia hosting Control Panel. The firewall has three different modes, so you can switch on and disable it with only a click or set it to detection mode, so it will maintain a log of all attacks, but it will not do anything to stop them. The log for each of your Internet sites shall contain detailed information such as the nature of the attack, where it came from, what action was taken by ModSecurity, etc. The firewall rules that we use are regularly updated and include both commercial ones we get from a third-party security business and custom ones which our system admins include in case that they detect a new kind of attacks. That way, the websites you host here shall be far more protected with no action expected on your end.

ModSecurity in Semi-dedicated Servers

All semi-dedicated server plans which we offer come with ModSecurity and given that the firewall is turned on by default, any website which you set up under a domain or a subdomain will be protected straight away. An independent section in the Hepsia CP which comes with the semi-dedicated accounts is dedicated to ModSecurity and it shall allow you to start and stop the firewall for any website or enable a detection mode. With the last option, ModSecurity will not take any action, but it will still recognize possible attacks and shall keep all info in a log as if it were 100% active. The logs can be found within the same section of the CP and they include information regarding the IP where an attack came from, what its nature was, what rule ModSecurity applies to identify and stop it, and so forth. The security rules we employ on our machines are a mix between commercial ones from a security firm and custom ones made by our system admins. Therefore, we offer greater security for your web applications as we can protect them from attacks before security businesses release updates for brand new threats.

ModSecurity in VPS Servers

Security is extremely important to us, so we set up ModSecurity on all VPS servers which are set up with the Hepsia CP by default. The firewall can be managed through a dedicated section in Hepsia and is switched on automatically when you include a new domain or create a subdomain, so you'll not need to do anything personally. You shall also be able to deactivate it or turn on the so-called detection mode, so it will maintain a log of possible attacks that you can later study, but won't stop them. The logs in both passive and active modes include information about the type of the attack and how it was prevented, what IP it came from and other valuable info that could help you to tighten the security of your Internet sites by updating them or blocking IPs, for example. Besides the commercial rules we get for ModSecurity from a third-party security firm, we also employ our own rules since occasionally we find specific attacks which aren't yet present within the commercial pack. That way, we can improve the protection of your Virtual private server promptly rather than waiting for an official update.

ModSecurity in Dedicated Servers

ModSecurity is provided with all dedicated servers which are integrated with our Hepsia Control Panel and you'll not need to do anything specific on your end to use it as it is activated by default each time you add a new domain or subdomain on your hosting server. In the event that it disrupts any of your applications, you'll be able to stop it through the respective part of Hepsia, or you may leave it operating in passive mode, so it will recognize attacks and shall still keep a log for them, but shall not prevent them. You'll be able to analyze the logs later to learn what you can do to improve the security of your sites as you'll find information such as where an intrusion attempt originated from, what site was attacked and based upon what rule ModSecurity responded, and so forth. The rules we employ are commercial, hence they're regularly updated by a security provider, but to be on the safe side, our staff also include custom rules occasionally as to deal with any new threats they have discovered.