ModSecurity is a highly effective web app layer firewall for Apache web servers. It monitors the entire HTTP traffic to an Internet site without affecting its operation and if it identifies an intrusion attempt, it blocks it. The firewall also maintains a more detailed log for the traffic than any web server does, so you shall manage to keep an eye on what is going on with your sites much better than if you rely merely on conventional logs. ModSecurity uses security rules based on which it stops attacks. For example, it identifies whether anyone is trying to log in to the admin area of a particular script several times or if a request is sent to execute a file with a particular command. In such circumstances these attempts set off the corresponding rules and the firewall program hinders the attempts in real time, then records comprehensive info about them inside its logs. ModSecurity is amongst the most effective software firewalls out there and it can protect your web applications against a huge number of threats and vulnerabilities, particularly if you don’t update them or their plugins often.

ModSecurity in Cloud Web Hosting

We offer ModSecurity with all cloud web hosting plans, so your Internet apps shall be resistant to malicious attacks. The firewall is turned on by default for all domains and subdomains, but in case you would like, you shall be able to stop it via the respective part of your Hepsia CP. You'll be able to also activate a detection mode, so ModSecurity shall keep a log as intended, but won't take any action. The logs that you'll discover inside Hepsia are quite detailed and offer information about the nature of any attack, when it occurred and from what IP, the firewall rule which was triggered, and so forth. We use a range of commercial rules which are constantly updated, but sometimes our administrators include custom rules as well in order to efficiently protect the websites hosted on our machines.

ModSecurity in Semi-dedicated Hosting

Any web application which you install in your new semi-dedicated hosting account will be protected by ModSecurity because the firewall is included with all our hosting plans and is activated by default for any domain and subdomain which you include or create via your Hepsia hosting CP. You will be able to manage ModSecurity through a dedicated area in Hepsia where not simply can you activate or deactivate it completely, but you could also switch on a passive mode, so the firewall shall not stop anything, but it shall still maintain an archive of possible attacks. This normally requires simply a click and you'll be able to look at the logs no matter if ModSecurity is in passive or active mode through the same section - what the attack was and where it originated from, how it was taken care of, etcetera. The firewall employs two groups of rules on our servers - a commercial one that we get from a third-party web security company and a custom one which our administrators update personally as to respond to recently discovered risks as soon as possible.

ModSecurity in Dedicated Hosting

ModSecurity is available by default with all dedicated servers which are set up with the Hepsia Control Panel and is set to “Active” automatically for any domain you host or subdomain you create on the hosting server. In case that a web application doesn't function correctly, you may either switch off the firewall or set it to operate in passive mode. The latter means that ModSecurity will keep a log of any potential attack which may occur, but shall not take any action to stop it. The logs produced in active or passive mode shall offer you additional details about the exact file that was attacked, the nature of the attack and the IP it originated from, etcetera. This data shall enable you to decide what measures you can take to improve the safety of your websites, including blocking IPs or carrying out script and plugin updates. The ModSecurity rules which we use are updated regularly with a commercial bundle from a third-party security company we work with, but from time to time our staff add their own rules too if they identify a new potential threat.