ModSecurity is a potent web app layer firewall for Apache web servers. It monitors the whole HTTP traffic to a site without affecting its functionality and in case it identifies an intrusion attempt, it blocks it. The firewall furthermore keeps a more detailed log for the traffic than any server does, so you shall manage to monitor what is going on with your sites better than if you rely simply on standard logs. ModSecurity employs security rules based on which it prevents attacks. For instance, it identifies whether somebody is attempting to log in to the administrator area of a given script multiple times or if a request is sent to execute a file with a particular command. In such instances these attempts trigger the corresponding rules and the firewall software hinders the attempts right away, and then records in-depth info about them in its logs. ModSecurity is amongst the most effective software firewalls available and it can protect your web applications against many threats and vulnerabilities, especially if you don’t update them or their plugins regularly.

ModSecurity in Shared Website Hosting

ModSecurity is supplied with all shared website hosting web servers, so when you opt to host your Internet sites with our firm, they'll be resistant to a wide array of attacks. The firewall is enabled as standard for all domains and subdomains, so there will be nothing you will have to do on your end. You shall be able to stop ModSecurity for any site if necessary, or to enable a detection mode, so that all activity shall be recorded, but the firewall shall not take any real action. You'll be able to view detailed logs via your Hepsia Control Panel including the IP address where the attack came from, what the attacker planned to do and how ModSecurity addressed the threat. As we take the protection of our customers' sites seriously, we use a set of commercial rules which we get from one of the leading companies which maintain such rules. Our admins also include custom rules to ensure that your sites will be protected against as many risks as possible.

ModSecurity in Semi-dedicated Hosting

All semi-dedicated hosting packages that we offer feature ModSecurity and because the firewall is switched on by default, any site that you build under a domain or a subdomain will be protected immediately. An independent section within the Hepsia CP which comes with the semi-dedicated accounts is dedicated to ModSecurity and it will allow you to start and stop the firewall for any website or enable a detection mode. With the latter, ModSecurity will not take any action, but it will still identify possible attacks and shall keep all information inside a log as if it were 100% active. The logs could be found inside the very same section of the Control Panel and they feature information regarding the IP where an attack originated from, what its nature was, what rule ModSecurity applies to recognize and stop it, and so on. The security rules we use on our servers are a mix between commercial ones from a security business and custom ones made by our system administrators. Therefore, we offer increased security for your web apps as we can defend them from attacks before security companies release updates for new threats.

ModSecurity in VPS

Security is extremely important to us, so we set up ModSecurity on all virtual private servers which are set up with the Hepsia Control Panel by default. The firewall could be managed via a dedicated section inside Hepsia and is turned on automatically when you include a new domain or generate a subdomain, so you won't have to do anything by hand. You will also be able to disable it or activate the so-called detection mode, so it'll maintain a log of potential attacks you can later analyze, but will not block them. The logs in both passive and active modes offer info about the kind of the attack and how it was prevented, what IP address it came from and other important information which could help you to tighten the security of your sites by updating them or blocking IPs, for instance. On top of the commercial rules which we get for ModSecurity from a third-party security company, we also employ our own rules as every now and then we identify specific attacks which aren't yet present within the commercial pack. That way, we can easily improve the protection of your VPS instantly instead of waiting for a certified update.

ModSecurity in Dedicated Hosting

ModSecurity is provided by default with all dedicated servers which are set up with the Hepsia CP and is set to “Active” automatically for any domain you host or subdomain that you create on the server. In case that a web application doesn't function adequately, you may either disable the firewall or set it to function in passive mode. The second means that ModSecurity will keep a log of any possible attack which may take place, but won't take any action to stop it. The logs generated in active or passive mode will offer you more details about the exact file that was attacked, the nature of the attack and the IP address it originated from, etcetera. This data shall enable you to decide what measures you can take to improve the safety of your sites, such as blocking IPs or performing script and plugin updates. The ModSecurity rules which we employ are updated often with a commercial bundle from a third-party security provider we work with, but from time to time our admins include their own rules too when they find a new potential threat.