ModSecurity is a highly effective web application layer firewall for Apache web servers. It monitors the whole HTTP traffic to a website without affecting its functionality and in case it detects an intrusion attempt, it blocks it. The firewall additionally keeps a more detailed log for the site visitors than any server does, so you will be able to keep an eye on what is happening with your websites a lot better than if you rely merely on conventional logs. ModSecurity employs security rules based on which it prevents attacks. For instance, it recognizes whether someone is trying to log in to the admin area of a certain script multiple times or if a request is sent to execute a file with a certain command. In such cases these attempts set off the corresponding rules and the firewall program blocks the attempts instantly, and then records detailed info about them in its logs. ModSecurity is amongst the very best software firewalls on the market and it can easily protect your web apps against a huge number of threats and vulnerabilities, especially if you don’t update them or their plugins regularly.

ModSecurity in Cloud Website Hosting

ModSecurity is available with each cloud website hosting plan which we provide and it's turned on by default for every domain or subdomain which you include via your Hepsia Control Panel. If it disrupts any of your apps or you would like to disable it for whatever reason, you shall be able to do this through the ModSecurity section of Hepsia with merely a click. You could also activate a passive mode, so the firewall will discover potential attacks and keep a log, but shall not take any action. You can see detailed logs in the very same section, including the IP address where the attack originated from, what exactly the attacker aimed to do and at what time, what ModSecurity did, etc. For max protection of our customers we use a collection of commercial firewall rules combined with custom ones which are included by our system administrators.

ModSecurity in Semi-dedicated Servers

Any web program you set up in your new semi-dedicated server account will be protected by ModSecurity as the firewall comes with all our hosting packages and is switched on by default for any domain and subdomain that you add or create via your Hepsia hosting Control Panel. You shall be able to manage ModSecurity through a dedicated section within Hepsia where not simply can you activate or deactivate it completely, but you can also switch on a passive mode, so the firewall won't stop anything, but it shall still keep an archive of potential attacks. This normally requires simply a mouse click and you shall be able to look at the logs regardless if ModSecurity is in active or passive mode through the same section - what the attack was and where it originated from, how it was handled, etc. The firewall employs 2 groups of rules on our machines - a commercial one which we get from a third-party web security firm and a custom one which our admins update manually in order to respond to newly discovered threats immediately.

ModSecurity in VPS Servers

ModSecurity is included with all Hepsia-based VPS servers we offer and it'll be turned on automatically for any new domain or subdomain you include on the server. This way, any web application which you install will be protected right away without doing anything personally on your end. The firewall may be managed from the section of the Control Panel that has the same name. This is the area whereyou can switch off ModSecurity or let its passive mode, so it will not take any action towards threats, but shall still keep a thorough log. The recorded data is available within the same section as well and you shall be able to see what IPs any attacks came from so that you block them, what the nature of the attempted attacks was and based on what security rules ModSecurity reacted. The rules which we use on our servers are a combination between commercial ones we get from a security firm and custom ones that are included by our staff to maximize the protection of any web applications hosted on our end.

ModSecurity in Dedicated Servers

When you choose to host your Internet sites on a dedicated server with the Hepsia Control Panel, your web programs shall be secured right away as ModSecurity is provided with all Hepsia-based solutions. You'll be able to control the firewall with ease and if needed, you will be able to turn it off or enable its passive mode when it shall only maintain a log of what is taking place without taking any action to prevent possible attacks. The logs that you will find within the exact same section of the Control Panel are very detailed and feature information about the attacker IP, what website and file were attacked and in what ways, what rule the firewall used to prevent the intrusion, etcetera. This data shall allow you to take measures and increase the security of your sites even more. To be on the safe side, we employ not just commercial rules, but also custom-made ones that our staff add whenever they recognize attacks that have not yet been included inside the commercial pack.