ModSecurity is a highly effective web application layer firewall for Apache web servers. It monitors the whole HTTP traffic to an Internet site without affecting its overall performance and when it discovers an intrusion attempt, it blocks it. The firewall additionally maintains a more thorough log for the traffic than any server does, so you'll manage to keep track of what is going on with your websites much better than if you rely simply on standard logs. ModSecurity works with security rules based on which it helps prevent attacks. For example, it detects whether somebody is trying to log in to the administration area of a certain script several times or if a request is sent to execute a file with a specific command. In these situations these attempts set off the corresponding rules and the firewall program blocks the attempts in real time, after that records in-depth info about them in its logs. ModSecurity is one of the very best software firewalls available and it can protect your web applications against a large number of threats and vulnerabilities, especially if you don’t update them or their plugins often.

ModSecurity in Shared Website Hosting

We provide ModSecurity with all shared website hosting plans, so your Internet applications will be shielded from harmful attacks. The firewall is activated by default for all domains and subdomains, but if you would like, you will be able to stop it using the respective part of your Hepsia CP. You'll be able to also activate a detection mode, so ModSecurity shall keep a log as intended, but won't take any action. The logs which you shall find inside Hepsia are extremely detailed and feature data about the nature of any attack, when it transpired and from what IP address, the firewall rule which was triggered, etcetera. We employ a group of commercial rules that are often updated, but sometimes our administrators add custom rules as well so as to efficiently protect the sites hosted on our machines.

ModSecurity in Semi-dedicated Servers

Any web application you set up inside your new semi-dedicated server account will be protected by ModSecurity as the firewall is provided with all our hosting packages and is turned on by default for any domain and subdomain that you include or create via your Hepsia hosting Control Panel. You will be able to manage ModSecurity via a dedicated area inside Hepsia where not simply can you activate or deactivate it entirely, but you can also activate a passive mode, so the firewall shall not stop anything, but it will still maintain an archive of potential attacks. This requires simply a mouse click and you'll be able to look at the logs no matter if ModSecurity is in active or passive mode through the same section - what the attack was and where it came from, how it was taken care of, and so forth. The firewall uses 2 groups of rules on our machines - a commercial one that we get from a third-party web security provider and a custom one that our administrators update personally in order to respond to newly discovered threats at the earliest opportunity.

ModSecurity in VPS Servers

All VPS servers that are set up with the Hepsia CP come with ModSecurity. The firewall is set up and activated by default for all domains which are hosted on the web server, so there will not be anything special which you will have to do to protect your sites. It shall take you simply a mouse click to stop ModSecurity if necessary or to activate its passive mode so that it records what happens without taking any steps to stop intrusions. You'll be able to view the logs generated in active or passive mode through the corresponding section of Hepsia and find out more about the type of the attack, where it originated from, what rule the firewall used to take care of it, and so on. We use a mixture of commercial and custom rules in order to make sure that ModSecurity will prevent as many threats as possible, hence enhancing the security of your web applications as much as possible.

ModSecurity in Dedicated Servers

ModSecurity comes with all dedicated servers which are set up with our Hepsia Control Panel and you won't have to do anything specific on your end to use it since it is turned on by default whenever you include a new domain or subdomain on your web server. In the event that it interferes with any of your programs, you will be able to stop it through the respective area of Hepsia, or you can leave it in passive mode, so it will identify attacks and shall still maintain a log for them, but shall not block them. You'll be able to look at the logs later to determine what you can do to improve the protection of your sites as you will find information such as where an intrusion attempt originated from, what website was attacked and based on what rule ModSecurity responded, etcetera. The rules that we use are commercial, therefore they're regularly updated by a security company, but to be on the safe side, our admins also add custom rules occasionally as to respond to any new threats they have found.