ModSecurity is a highly effective web application layer firewall for Apache web servers. It monitors the entire HTTP traffic to a site without affecting its overall performance and if it detects an intrusion attempt, it prevents it. The firewall also keeps a more detailed log for the traffic than any server does, so you'll be able to keep an eye on what's happening with your sites much better than if you rely only on standard logs. ModSecurity works with security rules based on which it helps prevent attacks. For instance, it recognizes if someone is trying to log in to the administrator area of a certain script a number of times or if a request is sent to execute a file with a particular command. In these circumstances these attempts trigger the corresponding rules and the software hinders the attempts right away, after that records detailed information about them within its logs. ModSecurity is amongst the most effective software firewalls on the market and it can protect your web applications against a large number of threats and vulnerabilities, especially if you don’t update them or their plugins often.

ModSecurity in Website Hosting

ModSecurity comes by default with all website hosting packages that we offer and it will be switched on automatically for any domain or subdomain which you add/create within your Hepsia hosting Control Panel. The firewall has three different modes, so you can activate and deactivate it with simply a mouse click or set it to detection mode, so it'll maintain a log of all attacks, but it'll not do anything to prevent them. The log for any of your Internet sites will contain in-depth info including the nature of the attack, where it came from, what action was taken by ModSecurity, and so forth. The firewall rules which we use are regularly updated and consist of both commercial ones we get from a third-party security firm and custom ones our system administrators include in case that they detect a new sort of attacks. That way, the websites which you host here will be far more protected without any action required on your end.

ModSecurity in Semi-dedicated Servers

ModSecurity is part of our semi-dedicated server solutions and if you opt to host your Internet sites with us, there will not be anything special you will have to do since the firewall is switched on by default for all domains and subdomains you add through your hosting CP. If needed, you'll be able to disable ModSecurity for a given site or activate the so-called detection mode in which case the firewall will still function and record information, but won't do anything to stop possible attacks against your Internet sites. Comprehensive logs will be accessible inside your CP and you'll be able to see which kind of attacks occurred, what security rules were triggered and how the firewall addressed the threats, what Internet protocol addresses the attacks came from, and so on. We use two kinds of rules on our servers - commercial ones from a business that operates in the field of web security, and custom ones which our administrators sometimes add to respond to newly found risks in a timely manner.

ModSecurity in VPS Servers

Security is essential to us, so we set up ModSecurity on all VPS servers that are set up with the Hepsia Control Panel as a standard. The firewall could be managed through a dedicated section inside Hepsia and is turned on automatically when you add a new domain or create a subdomain, so you'll not have to do anything personally. You shall also be able to disable it or switch on the so-called detection mode, so it'll keep a log of potential attacks which you can later analyze, but will not block them. The logs in both passive and active modes offer info regarding the form of the attack and how it was eliminated, what IP address it originated from and other important data that may help you to tighten the security of your websites by updating them or blocking IPs, for example. Beyond the commercial rules which we get for ModSecurity from a third-party security firm, we also use our own rules because once in a while we discover specific attacks which are not yet present inside the commercial pack. That way, we can enhance the security of your VPS promptly as opposed to awaiting a certified update.

ModSecurity in Dedicated Servers

ModSecurity is provided with all dedicated servers that are integrated with our Hepsia CP and you will not have to do anything specific on your end to employ it since it is activated by default whenever you include a new domain or subdomain on your hosting server. In case it disrupts some of your applications, you will be able to stop it through the respective section of Hepsia, or you may leave it operating in passive mode, so it shall recognize attacks and shall still maintain a log for them, but won't stop them. You can examine the logs later to learn what you can do to boost the security of your websites since you shall find info such as where an intrusion attempt originated from, what website was attacked and in accordance with what rule ModSecurity responded, etc. The rules which we use are commercial, therefore they are constantly updated by a security firm, but to be on the safe side, our staff also include custom rules once in a while as to react to any new threats they have discovered.