ModSecurity is a highly effective web app layer firewall for Apache web servers. It monitors the entire HTTP traffic to an Internet site without affecting its functionality and if it detects an intrusion attempt, it prevents it. The firewall also keeps a more thorough log for the website visitors than any server does, so you'll manage to monitor what's going on with your websites a lot better than if you rely simply on standard logs. ModSecurity uses security rules based on which it helps prevent attacks. For example, it recognizes if someone is trying to log in to the admin area of a given script multiple times or if a request is sent to execute a file with a certain command. In such situations these attempts set off the corresponding rules and the firewall blocks the attempts immediately, after that records in-depth information about them within its logs. ModSecurity is amongst the best software firewalls available and it can protect your web applications against a huge number of threats and vulnerabilities, particularly in case you don’t update them or their plugins frequently.

ModSecurity in Hosting

ModSecurity comes standard with all hosting solutions that we offer and it shall be activated automatically for any domain or subdomain that you add/create in your Hepsia hosting Control Panel. The firewall has three different modes, so you'll be able to switch on and deactivate it with simply a click or set it to detection mode, so it'll maintain a log of all attacks, but it'll not do anything to stop them. The log for any of your sites shall include comprehensive information which includes the nature of the attack, where it came from, what action was taken by ModSecurity, etcetera. The firewall rules we use are regularly updated and incorporate both commercial ones which we get from a third-party security firm and custom ones our system administrators add in case that they detect a new type of attacks. This way, the Internet sites that you host here shall be far more protected without any action expected on your end.

ModSecurity in Semi-dedicated Servers

We have integrated ModSecurity by default within all semi-dedicated server products, so your web applications will be protected as soon as you set them up under any domain or subdomain. The Hepsia CP that comes with the semi-dedicated accounts will allow you to enable or turn off the firewall for any site with a click. You will also be able to switch on a passive detection mode in which ModSecurity shall keep a log of potential attacks without really preventing them. The detailed logs include the nature of the attack and what ModSecurity response that attack initiated, where it came from, and so forth. The list of rules that we use is frequently updated in order to match any new risks that could appear on the Internet and it consists of both commercial rules that we get from a security company and custom-written ones which our admins include in case they find a threat which is not present within the commercial list yet.

ModSecurity in VPS Servers

Protection is very important to us, so we set up ModSecurity on all VPS servers that are made available with the Hepsia CP as a standard. The firewall can be managed through a dedicated section within Hepsia and is switched on automatically when you add a new domain or generate a subdomain, so you will not need to do anything personally. You will also be able to deactivate it or turn on the so-called detection mode, so it shall maintain a log of potential attacks that you can later analyze, but shall not stop them. The logs in both passive and active modes offer details regarding the form of the attack and how it was prevented, what IP address it originated from and other important data that may help you to tighten the security of your websites by updating them or blocking IPs, for instance. In addition to the commercial rules that we get for ModSecurity from a third-party security company, we also employ our own rules as every now and then we detect specific attacks that aren't yet present within the commercial package. This way, we could enhance the protection of your VPS immediately as opposed to waiting for an official update.

ModSecurity in Dedicated Servers

All our dedicated servers which are installed with the Hepsia hosting CP include ModSecurity, so any app which you upload or set up will be properly secured from the very beginning and you won't need to concern yourself with common attacks or vulnerabilities. An independent section within Hepsia will enable you to start or stop the firewall for each domain or subdomain, or turn on a detection mode so that it records information about intrusions, but doesn't take actions to stop them. What you will find in the logs can enable you to to secure your Internet sites better - the IP address an attack came from, what website was attacked as well as how, what ModSecurity rule was triggered, and so on. With this info, you can see whether a website needs an update, whether you ought to block IPs from accessing your server, and so on. Aside from the third-party commercial security rules for ModSecurity which we use, our administrators add custom ones as well if they discover a new threat that is not yet in the commercial bundle.