ModSecurity is a highly effective web app layer firewall for Apache web servers. It monitors the entire HTTP traffic to a website without affecting its performance and if it identifies an intrusion attempt, it blocks it. The firewall furthermore maintains a more thorough log for the site visitors than any web server does, so you will manage to monitor what is happening with your websites better than if you rely simply on conventional logs. ModSecurity employs security rules based on which it stops attacks. For example, it identifies whether somebody is trying to log in to the admin area of a particular script a number of times or if a request is sent to execute a file with a certain command. In such cases these attempts set off the corresponding rules and the firewall software blocks the attempts immediately, after that records detailed info about them inside its logs. ModSecurity is amongst the very best software firewalls available and it can easily protect your web apps against thousands of threats and vulnerabilities, particularly if you don’t update them or their plugins frequently.

ModSecurity in Cloud Hosting

ModSecurity comes by default with all cloud hosting packages which we offer and it'll be switched on automatically for any domain or subdomain which you add/create within your Hepsia hosting Control Panel. The firewall has three different modes, so you could activate and deactivate it with a click or set it to detection mode, so it shall keep a log of all attacks, but it shall not do anything to stop them. The log for each of your Internet sites will include in-depth info such as the nature of the attack, where it came from, what action was taken by ModSecurity, and so forth. The firewall rules that we use are regularly updated and consist of both commercial ones that we get from a third-party security firm and custom ones that our system administrators add in the event that they detect a new sort of attacks. That way, the sites that you host here shall be far more protected without any action required on your end.

ModSecurity in Semi-dedicated Servers

We've incorporated ModSecurity by default in all semi-dedicated server plans, so your web apps will be protected whenever you install them under any domain or subdomain. The Hepsia Control Panel which is included with the semi-dedicated accounts shall permit you to activate or disable the firewall for any site with a click. You'll also have the ability to switch on a passive detection mode with which ModSecurity shall keep a log of possible attacks without actually stopping them. The detailed logs contain the nature of the attack and what ModSecurity response this attack generated, where it came from, etcetera. The list of rules which we use is regularly updated in order to match any new threats that may appear on the Internet and it features both commercial rules that we get from a security corporation and custom-written ones which our administrators include in the event that they find a threat that's not present in the commercial list yet.

ModSecurity in VPS Servers

Safety is vital to us, so we set up ModSecurity on all VPS servers that are set up with the Hepsia CP by default. The firewall can be managed through a dedicated section within Hepsia and is activated automatically when you include a new domain or generate a subdomain, so you won't need to do anything by hand. You shall also be able to deactivate it or activate the so-called detection mode, so it shall maintain a log of potential attacks you can later study, but shall not prevent them. The logs in both passive and active modes contain details about the kind of the attack and how it was prevented, what IP it came from and other useful info which may help you to tighten the security of your websites by updating them or blocking IPs, for example. Besides the commercial rules that we get for ModSecurity from a third-party security company, we also use our own rules since from time to time we detect specific attacks that are not yet present inside the commercial package. This way, we could enhance the protection of your Virtual private server right away as opposed to awaiting a certified update.

ModSecurity in Dedicated Servers

ModSecurity is provided by default with all dedicated servers which are set up with the Hepsia CP and is set to “Active” automatically for any domain you host or subdomain which you create on the server. In case that a web application doesn't function correctly, you could either disable the firewall or set it to function in passive mode. The second means that ModSecurity shall maintain a log of any possible attack which may occur, but won't take any action to stop it. The logs produced in active or passive mode will offer you additional details about the exact file that was attacked, the nature of the attack and the IP it originated from, etc. This information shall allow you to choose what measures you can take to enhance the security of your websites, including blocking IPs or performing script and plugin updates. The ModSecurity rules which we use are updated regularly with a commercial bundle from a third-party security firm we work with, but oftentimes our administrators add their own rules as well in case they identify a new potential threat.