ModSecurity is a potent web app layer firewall for Apache web servers. It monitors the entire HTTP traffic to a site without affecting its performance and if it discovers an intrusion attempt, it blocks it. The firewall additionally keeps a more detailed log for the traffic than any web server does, so you'll be able to keep an eye on what is going on with your websites a lot better than if you rely simply on conventional logs. ModSecurity uses security rules based on which it helps prevent attacks. For example, it recognizes if somebody is attempting to log in to the admin area of a particular script a number of times or if a request is sent to execute a file with a certain command. In these circumstances these attempts trigger the corresponding rules and the firewall software blocks the attempts instantly, after that records detailed information about them inside its logs. ModSecurity is amongst the best software firewalls out there and it could easily protect your web applications against many threats and vulnerabilities, especially if you don’t update them or their plugins often.

ModSecurity in Shared Hosting

We provide ModSecurity with all shared hosting packages, so your Internet apps shall be protected against destructive attacks. The firewall is switched on as standard for all domains and subdomains, but if you would like, you shall be able to stop it using the respective part of your Hepsia Control Panel. You can also activate a detection mode, so ModSecurity shall keep a log as intended, but won't take any action. The logs that you shall find in Hepsia are extremely detailed and offer info about the nature of any attack, when it happened and from what IP, the firewall rule which was triggered, etc. We use a set of commercial rules that are often updated, but sometimes our administrators include custom rules as well in order to better protect the sites hosted on our servers.

ModSecurity in Semi-dedicated Servers

We have included ModSecurity as a standard in all semi-dedicated server products, so your web apps shall be protected whenever you install them under any domain or subdomain. The Hepsia Control Panel which is included with the semi-dedicated accounts shall permit you to enable or turn off the firewall for any website with a click. You will also be able to activate a passive detection mode with which ModSecurity shall maintain a log of potential attacks without really stopping them. The detailed logs contain the nature of the attack and what ModSecurity response this attack generated, where it came from, etcetera. The list of rules which we use is constantly updated in order to match any new risks which might appear on the Internet and it includes both commercial rules that we get from a security firm and custom-written ones that our administrators include in case they discover a threat which is not present inside the commercial list yet.

ModSecurity in VPS Servers

All VPS servers that are set up with the Hepsia Control Panel feature ModSecurity. The firewall is installed and turned on by default for all domains which are hosted on the machine, so there will not be anything special which you shall have to do to protect your Internet sites. It'll take you simply a mouse click to stop ModSecurity if needed or to turn on its passive mode so that it records what occurs without taking any measures to prevent intrusions. You'll be able to see the logs generated in passive or active mode via the corresponding section of Hepsia and discover more about the form of the attack, where it originated from, what rule the firewall used to deal with it, and so forth. We use a mixture of commercial and custom rules so as to ensure that ModSecurity shall block out as many threats as possible, therefore improving the security of your web applications as much as possible.

ModSecurity in Dedicated Servers

If you opt to host your websites on a dedicated server with the Hepsia Control Panel, your web applications will be protected right away because ModSecurity is supplied with all Hepsia-based plans. You will be able to regulate the firewall effortlessly and if required, you will be able to turn it off or enable its passive mode when it'll only keep a log of what is going on without taking any action to stop possible attacks. The logs which you can find inside the exact same section of the CP are very detailed and feature details about the attacker IP address, what website and file were attacked and in what way, what rule the firewall employed to stop the intrusion, and so on. This info shall allow you to take measures and improve the protection of your sites even more. To be on the safe side, we employ not only commercial rules, but also custom-made ones which our admins include whenever they detect attacks that haven't yet been included within the commercial pack.