ModSecurity is a powerful web app layer firewall for Apache web servers. It monitors the whole HTTP traffic to a site without affecting its operation and in case it discovers an intrusion attempt, it blocks it. The firewall also maintains a more comprehensive log for the site visitors than any web server does, so you shall manage to keep an eye on what's going on with your sites a lot better than if you rely merely on standard logs. ModSecurity uses security rules based on which it prevents attacks. For example, it identifies whether somebody is attempting to log in to the admin area of a particular script a number of times or if a request is sent to execute a file with a specific command. In such cases these attempts trigger the corresponding rules and the firewall program hinders the attempts immediately, after that records comprehensive information about them within its logs. ModSecurity is one of the most effective software firewalls on the market and it can easily protect your web apps against thousands of threats and vulnerabilities, particularly if you don’t update them or their plugins often.

ModSecurity in Shared Website Hosting

We offer ModSecurity with all shared website hosting plans, so your web applications will be resistant to harmful attacks. The firewall is turned on as standard for all domains and subdomains, but in case you would like, you shall be able to stop it via the respective area of your Hepsia CP. You can also switch on a detection mode, so ModSecurity shall keep a log as intended, but shall not take any action. The logs that you'll discover in Hepsia are very detailed and feature information about the nature of any attack, when it occurred and from what IP address, the firewall rule that was triggered, etcetera. We use a range of commercial rules which are regularly updated, but sometimes our admins add custom rules as well in order to efficiently protect the sites hosted on our machines.

ModSecurity in VPS Servers

ModSecurity is pre-installed on all VPS servers which are offered with the Hepsia hosting Control Panel, so your web applications shall be secured from the second your server is in a position. The firewall is turned on by default for any domain or subdomain on the Virtual Private Server, but if required, you can deactivate it with a click through the corresponding section of Hepsia. You could also set it to function in detection mode, so it will keep a comprehensive log of any potential attacks without taking any action to stop them. The logs are available within the very same section and provide details about the nature of the attack, what IP address it came from and what ModSecurity rule was triggered to stop it. For best security, we use not simply commercial rules from a firm working in the field of web security, but also custom ones our administrators include manually in order to react to new risks that are still not addressed in the commercial rules.

ModSecurity in Dedicated Servers

ModSecurity is available as standard with all dedicated servers which are set up with the Hepsia Control Panel and is set to “Active” automatically for any domain which you host or subdomain which you create on the server. In case that a web app does not operate properly, you could either turn off the firewall or set it to operate in passive mode. The second means that ModSecurity will maintain a log of any possible attack that could take place, but will not take any action to stop it. The logs created in passive or active mode will provide you with additional details about the exact file that was attacked, the form of the attack and the IP address it came from, and so on. This data will enable you to choose what actions you can take to improve the security of your websites, for instance blocking IPs or carrying out script and plugin updates. The ModSecurity rules we employ are updated constantly with a commercial package from a third-party security company we work with, but occasionally our staff include their own rules also when they come across a new potential threat.