ModSecurity is a potent web app layer firewall for Apache web servers. It monitors the entire HTTP traffic to a site without affecting its functionality and when it detects an intrusion attempt, it blocks it. The firewall also keeps a more comprehensive log for the site visitors than any server does, so you'll manage to monitor what is going on with your websites much better than if you rely simply on standard logs. ModSecurity works with security rules based on which it stops attacks. For instance, it recognizes whether someone is trying to log in to the admin area of a certain script multiple times or if a request is sent to execute a file with a specific command. In these circumstances these attempts set off the corresponding rules and the firewall software blocks the attempts instantly, then records in-depth details about them in its logs. ModSecurity is amongst the best software firewalls on the market and it could easily protect your web applications against a large number of threats and vulnerabilities, especially if you don’t update them or their plugins frequently.

ModSecurity in Cloud Hosting

We provide ModSecurity with all cloud hosting solutions, so your web applications shall be shielded from destructive attacks. The firewall is turned on as standard for all domains and subdomains, but in case you would like, you shall be able to stop it via the respective part of your Hepsia CP. You can also switch on a detection mode, so ModSecurity will keep a log as intended, but won't take any action. The logs that you will find within Hepsia are extremely detailed and include information about the nature of any attack, when it occurred and from what IP address, the firewall rule that was triggered, etc. We use a range of commercial rules that are frequently updated, but sometimes our administrators add custom rules as well so as to better protect the websites hosted on our machines.

ModSecurity in Semi-dedicated Servers

Any web application you install in your new semi-dedicated server account shall be protected by ModSecurity because the firewall is included with all our hosting packages and is activated by default for any domain and subdomain you include or create via your Hepsia hosting CP. You shall be able to manage ModSecurity via a dedicated section in Hepsia where not simply can you activate or deactivate it fully, but you could also activate a passive mode, so the firewall will not stop anything, but it will still keep a record of potential attacks. This takes only a mouse click and you shall be able to see the logs no matter if ModSecurity is in passive or active mode through the same section - what the attack was and where it came from, how it was handled, etcetera. The firewall uses two sets of rules on our web servers - a commercial one that we get from a third-party web security firm and a custom one that our admins update manually as to respond to recently discovered risks as soon as possible.

ModSecurity in VPS Servers

ModSecurity is included with all Hepsia-based VPS servers which we offer and it will be switched on automatically for every new domain or subdomain you add on the server. That way, any web app that you install will be protected from the very beginning without doing anything manually on your end. The firewall can be handled through the section of the CP that has the same name. This is the area whereyou'll be able to turn off ModSecurity or let its passive mode, so it won't take any action towards threats, but shall still keep a thorough log. The recorded information is available within the same area as well and you shall be able to see what IPs any attacks came from so that you block them, what the nature of the attempted attacks was and based upon what security rules ModSecurity responded. The rules that we use on our servers are a mixture between commercial ones which we obtain from a security firm and custom ones that are added by our admins to enhance the security of any web apps hosted on our end.

ModSecurity in Dedicated Servers

ModSecurity is included with all dedicated servers which are integrated with our Hepsia CP and you will not have to do anything specific on your end to employ it as it is switched on by default whenever you add a new domain or subdomain on your server. In case it disrupts any of your programs, you'll be able to stop it through the respective area of Hepsia, or you may leave it working in passive mode, so it'll identify attacks and will still keep a log for them, but shall not prevent them. You'll be able to look at the logs later to find out what you can do to increase the security of your sites as you shall find info such as where an intrusion attempt originated from, what Internet site was attacked and based on what rule ModSecurity reacted, etc. The rules that we use are commercial, therefore they are frequently updated by a security provider, but to be on the safe side, our admins also add custom rules once in a while as to respond to any new threats they have identified.