ModSecurity is a potent web app layer firewall for Apache web servers. It monitors the whole HTTP traffic to a website without affecting its performance and when it detects an intrusion attempt, it blocks it. The firewall additionally maintains a more thorough log for the website visitors than any server does, so you will manage to keep an eye on what's going on with your sites a lot better than if you rely simply on conventional logs. ModSecurity uses security rules based on which it helps prevent attacks. For example, it identifies whether somebody is trying to log in to the administration area of a particular script multiple times or if a request is sent to execute a file with a certain command. In such circumstances these attempts trigger the corresponding rules and the firewall hinders the attempts immediately, then records in-depth info about them within its logs. ModSecurity is amongst the best software firewalls available and it could easily protect your web apps against a huge number of threats and vulnerabilities, particularly if you don’t update them or their plugins frequently.

ModSecurity in Cloud Hosting

ModSecurity comes standard with all cloud hosting packages that we offer and it will be switched on automatically for any domain or subdomain you add/create in your Hepsia hosting CP. The firewall has 3 different modes, so you can switch on and deactivate it with only a click or set it to detection mode, so it will maintain a log of all attacks, but it'll not do anything to prevent them. The log for each of your sites will feature elaborate information which includes the nature of the attack, where it originated from, what action was taken by ModSecurity, and so forth. The firewall rules that we use are constantly updated and include both commercial ones that we get from a third-party security business and custom ones that our system administrators add in case that they detect a new kind of attacks. That way, the Internet sites you host here shall be far more protected with no action required on your end.

ModSecurity in Semi-dedicated Servers

Any web application that you set up in your new semi-dedicated server account will be protected by ModSecurity because the firewall is included with all our hosting solutions and is turned on by default for any domain and subdomain you include or create through your Hepsia hosting CP. You'll be able to manage ModSecurity through a dedicated area inside Hepsia where not simply can you activate or deactivate it completely, but you can also switch on a passive mode, so the firewall won't block anything, but it will still keep a record of possible attacks. This takes only a mouse click and you will be able to look at the logs regardless of if ModSecurity is in active or passive mode through the same section - what the attack was and where it originated from, how it was addressed, etcetera. The firewall employs two groups of rules on our machines - a commercial one that we get from a third-party web security provider and a custom one which our administrators update manually as to respond to newly discovered risks as soon as possible.

ModSecurity in VPS Servers

All VPS servers which are provided with the Hepsia CP include ModSecurity. The firewall is installed and switched on by default for all domains that are hosted on the web server, so there shall not be anything special that you'll have to do to protect your sites. It'll take you just a mouse click to stop ModSecurity if required or to activate its passive mode so that it records what happens without taking any steps to stop intrusions. You'll be able to see the logs generated in passive or active mode through the corresponding section of Hepsia and find out more about the type of the attack, where it originated from, what rule the firewall employed to tackle it, and so on. We use a mixture of commercial and custom rules in order to ensure that ModSecurity will stop as many threats as possible, thus increasing the protection of your web applications as much as possible.

ModSecurity in Dedicated Servers

ModSecurity is provided as standard with all dedicated servers that are set up with the Hepsia Control Panel and is set to “Active” automatically for any domain that you host or subdomain that you create on the hosting server. In the event that a web application doesn't function adequately, you may either switch off the firewall or set it to function in passive mode. The latter means that ModSecurity will keep a log of any possible attack that may occur, but won't take any action to prevent it. The logs produced in passive or active mode shall give you additional details about the exact file which was attacked, the type of the attack and the IP address it originated from, and so forth. This data shall enable you to determine what steps you can take to increase the security of your sites, for instance blocking IPs or carrying out script and plugin updates. The ModSecurity rules that we use are updated frequently with a commercial package from a third-party security enterprise we work with, but occasionally our staff add their own rules too if they find a new potential threat.