ModSecurity is a powerful web app layer firewall for Apache web servers. It monitors the whole HTTP traffic to an Internet site without affecting its performance and in case it detects an intrusion attempt, it blocks it. The firewall furthermore maintains a more thorough log for the website visitors than any server does, so you'll be able to keep track of what is going on with your websites a lot better than if you rely only on conventional logs. ModSecurity works with security rules based on which it stops attacks. For instance, it detects if anyone is trying to log in to the admin area of a particular script multiple times or if a request is sent to execute a file with a particular command. In such cases these attempts set off the corresponding rules and the firewall hinders the attempts immediately, after that records detailed details about them within its logs. ModSecurity is among the best software firewalls out there and it could easily protect your web applications against many threats and vulnerabilities, particularly if you don’t update them or their plugins frequently.

ModSecurity in Website Hosting

We offer ModSecurity with all website hosting packages, so your Internet apps shall be shielded from malicious attacks. The firewall is turned on by default for all domains and subdomains, but in case you'd like, you shall be able to stop it using the respective area of your Hepsia CP. You could also switch on a detection mode, so ModSecurity will keep a log as intended, but will not take any action. The logs which you'll find inside Hepsia are extremely detailed and offer data about the nature of any attack, when it happened and from what IP, the firewall rule that was triggered, and so forth. We use a range of commercial rules that are constantly updated, but sometimes our administrators add custom rules as well so as to better protect the websites hosted on our servers.

ModSecurity in Semi-dedicated Servers

ModSecurity is part of our semi-dedicated server packages and if you decide to host your websites with our company, there will not be anything special you'll need to do given that the firewall is activated by default for all domains and subdomains which you add via your hosting CP. If required, you could disable ModSecurity for a certain website or turn on the so-called detection mode in which case the firewall shall still function and record information, but will not do anything to stop possible attacks on your Internet sites. Detailed logs will be readily available inside your CP and you'll be able to see what type of attacks happened, what security rules were triggered and how the firewall handled the threats, what Internet protocol addresses the attacks came from, etcetera. We use 2 types of rules on our servers - commercial ones from an organization that operates in the field of web security, and custom ones that our administrators often include to respond to newly discovered threats on time.

ModSecurity in Dedicated Servers

ModSecurity is offered by default with all dedicated servers that are set up with the Hepsia Control Panel and is set to “Active” automatically for any domain you host or subdomain you create on the hosting server. In the event that a web app does not operate correctly, you could either disable the firewall or set it to operate in passive mode. The second means that ModSecurity shall maintain a log of any possible attack which could take place, but shall not take any action to stop it. The logs produced in active or passive mode shall give you additional details about the exact file that was attacked, the type of the attack and the IP it originated from, and so forth. This info will allow you to decide what steps you can take to boost the safety of your websites, such as blocking IPs or carrying out script and plugin updates. The ModSecurity rules which we use are updated constantly with a commercial bundle from a third-party security firm we work with, but occasionally our staff include their own rules too if they discover a new potential threat.