ModSecurity is a powerful web application layer firewall for Apache web servers. It monitors the entire HTTP traffic to an Internet site without affecting its overall performance and when it discovers an intrusion attempt, it prevents it. The firewall also maintains a more comprehensive log for the traffic than any server does, so you will manage to keep track of what is going on with your websites a lot better than if you rely only on conventional logs. ModSecurity employs security rules based on which it stops attacks. For example, it detects if somebody is trying to log in to the administration area of a particular script several times or if a request is sent to execute a file with a certain command. In these instances these attempts trigger the corresponding rules and the firewall blocks the attempts right away, then records detailed details about them inside its logs. ModSecurity is one of the most effective software firewalls on the market and it can protect your web apps against many threats and vulnerabilities, particularly in case you don’t update them or their plugins often.

ModSecurity in Shared Website Hosting

We provide ModSecurity with all shared website hosting packages, so your web apps will be shielded from malicious attacks. The firewall is activated as standard for all domains and subdomains, but if you'd like, you shall be able to stop it through the respective section of your Hepsia Control Panel. You could also activate a detection mode, so ModSecurity shall keep a log as intended, but will not take any action. The logs that you shall find within Hepsia are extremely detailed and offer info about the nature of any attack, when it took place and from what IP address, the firewall rule that was triggered, etcetera. We employ a set of commercial rules which are often updated, but sometimes our admins add custom rules as well in order to efficiently protect the sites hosted on our servers.

ModSecurity in Semi-dedicated Servers

Any web app which you install in your new semi-dedicated server account will be protected by ModSecurity because the firewall comes with all our hosting solutions and is switched on by default for any domain and subdomain which you include or create via your Hepsia hosting CP. You'll be able to manage ModSecurity via a dedicated area inside Hepsia where not only can you activate or deactivate it fully, but you can also enable a passive mode, so the firewall will not stop anything, but it'll still maintain a record of possible attacks. This takes just a mouse click and you'll be able to see the logs regardless if ModSecurity is in active or passive mode through the same section - what the attack was and where it came from, how it was taken care of, and so forth. The firewall uses two groups of rules on our web servers - a commercial one which we get from a third-party web security company and a custom one which our administrators update personally in order to respond to recently discovered risks immediately.

ModSecurity in VPS Servers

Security is extremely important to us, so we install ModSecurity on all VPS servers which are provided with the Hepsia Control Panel as a standard. The firewall can be managed through a dedicated section inside Hepsia and is activated automatically when you add a new domain or create a subdomain, so you will not have to do anything by hand. You'll also be able to disable it or switch on the so-called detection mode, so it'll keep a log of possible attacks you can later study, but will not stop them. The logs in both passive and active modes offer details regarding the form of the attack and how it was prevented, what IP it originated from and other important data that might help you to tighten the security of your websites by updating them or blocking IPs, as an example. Beyond the commercial rules that we get for ModSecurity from a third-party security company, we also use our own rules as once in a while we find specific attacks that are not yet present in the commercial package. This way, we can enhance the security of your Virtual private server right away rather than waiting for an official update.

ModSecurity in Dedicated Servers

All of our dedicated servers which are installed with the Hepsia hosting Control Panel come with ModSecurity, so any app which you upload or install shall be secured from the very beginning and you'll not have to worry about common attacks or vulnerabilities. A separate section in Hepsia will allow you to start or stop the firewall for each and every domain or subdomain, or turn on a detection mode so that it records details about intrusions, but does not take actions to stop them. What you shall find in the logs shall enable you to to secure your Internet sites better - the IP an attack originated from, what website was attacked and how, what ModSecurity rule was triggered, etc. With this information, you can see whether a website needs an update, if you need to block IPs from accessing your server, etc. In addition to the third-party commercial security rules for ModSecurity which we use, our administrators add custom ones as well if they find a new threat which is not yet included in the commercial bundle.