ModSecurity is a powerful web application layer firewall for Apache web servers. It monitors the entire HTTP traffic to a website without affecting its overall performance and when it detects an intrusion attempt, it prevents it. The firewall also keeps a more detailed log for the website visitors than any server does, so you'll be able to keep track of what is going on with your websites better than if you rely simply on conventional logs. ModSecurity works with security rules based on which it prevents attacks. For example, it recognizes if anyone is trying to log in to the admin area of a certain script several times or if a request is sent to execute a file with a particular command. In such cases these attempts trigger the corresponding rules and the firewall blocks the attempts right away, after that records comprehensive details about them inside its logs. ModSecurity is one of the most effective software firewalls out there and it can easily protect your web apps against many threats and vulnerabilities, especially in case you don’t update them or their plugins regularly.

ModSecurity in Shared Web Hosting

ModSecurity comes by default with all shared web hosting plans that we offer and it will be activated automatically for any domain or subdomain that you add/create inside your Hepsia hosting Control Panel. The firewall has three different modes, so you'll be able to activate and disable it with only a click or set it to detection mode, so it will maintain a log of all attacks, but it'll not do anything to prevent them. The log for any of your sites will contain in-depth information which includes the nature of the attack, where it came from, what action was taken by ModSecurity, and so forth. The firewall rules we use are constantly updated and comprise of both commercial ones that we get from a third-party security firm and custom ones that our system administrators add in case that they detect a new sort of attacks. This way, the sites that you host here shall be far more protected with no action required on your end.

ModSecurity in Semi-dedicated Servers

Any web program that you set up inside your new semi-dedicated server account shall be protected by ModSecurity since the firewall is included with all our hosting packages and is activated by default for any domain and subdomain which you include or create through your Hepsia hosting CP. You'll be able to manage ModSecurity via a dedicated section inside Hepsia where not simply could you activate or deactivate it completely, but you could also activate a passive mode, so the firewall will not block anything, but it'll still maintain a record of possible attacks. This requires only a click and you shall be able to view the logs regardless of if ModSecurity is in active or passive mode through the same section - what the attack was and where it originated from, how it was handled, and so forth. The firewall employs two sets of rules on our web servers - a commercial one which we get from a third-party web security firm and a custom one which our administrators update personally as to respond to newly discovered risks at the earliest opportunity.

ModSecurity in VPS Servers

ModSecurity is pre-installed on all VPS servers that are set up with the Hepsia hosting CP, so your web apps shall be protected from the moment your server is ready. The firewall is activated by default for any domain or subdomain on the Virtual Private Server, but if needed, you'll be able to disable it with a click via the corresponding section of Hepsia. You could also set it to work in detection mode, so it will keep an extensive log of any potential attacks without taking any action to stop them. The logs are available inside the same section and provide info about the nature of the attack, what IP it originated from and what ModSecurity rule was triggered to stop it. For optimum security, we use not only commercial rules from a business operating in the field of web security, but also custom ones our administrators add manually so as to react to new threats which are still not tackled in the commercial rules.

ModSecurity in Dedicated Servers

ModSecurity comes with all dedicated servers which are integrated with our Hepsia CP and you'll not need to do anything specific on your end to employ it since it's activated by default whenever you add a new domain or subdomain on your web server. In case it disrupts any of your apps, you will be able to stop it through the respective area of Hepsia, or you may leave it in passive mode, so it will identify attacks and will still keep a log for them, but will not stop them. You could look at the logs later to learn what you can do to boost the security of your sites as you shall find information such as where an intrusion attempt came from, what website was attacked and based on what rule ModSecurity responded, and so on. The rules which we employ are commercial, therefore they're frequently updated by a security provider, but to be on the safe side, our staff also include custom rules every now and then in order to react to any new threats they have found.