ModSecurity is a potent web app layer firewall for Apache web servers. It monitors the whole HTTP traffic to a site without affecting its operation and when it identifies an intrusion attempt, it blocks it. The firewall furthermore keeps a more detailed log for the site visitors than any server does, so you shall be able to keep an eye on what is happening with your sites a lot better than if you rely only on conventional logs. ModSecurity uses security rules based on which it prevents attacks. For instance, it detects if somebody is trying to log in to the admin area of a certain script multiple times or if a request is sent to execute a file with a specific command. In such situations these attempts set off the corresponding rules and the firewall hinders the attempts instantly, after that records detailed details about them in its logs. ModSecurity is one of the most effective software firewalls out there and it could easily protect your web applications against thousands of threats and vulnerabilities, particularly in case you don’t update them or their plugins frequently.

ModSecurity in Cloud Website Hosting

ModSecurity can be found with every cloud website hosting package which we provide and it's switched on by default for every domain or subdomain which you include through your Hepsia CP. In case it disrupts any of your applications or you'd like to disable it for some reason, you will be able to achieve that through the ModSecurity section of Hepsia with just a click. You could also activate a passive mode, so the firewall will detect potential attacks and maintain a log, but shall not take any action. You can view comprehensive logs in the same section, including the IP where the attack originated from, what precisely the attacker aimed to do and at what time, what ModSecurity did, and so on. For max protection of our customers we use a set of commercial firewall rules blended with custom ones that are added by our system admins.

ModSecurity in Semi-dedicated Servers

We have included ModSecurity by default in all semi-dedicated server products, so your web apps will be protected as soon as you set them up under any domain or subdomain. The Hepsia Control Panel which comes with the semi-dedicated accounts will allow you to switch on or turn off the firewall for any Internet site with a mouse click. You'll also be able to switch on a passive detection mode in which ModSecurity will keep a log of possible attacks without actually preventing them. The thorough logs include things like the nature of the attack and what ModSecurity response that attack triggered, where it came from, etcetera. The list of rules that we use is regularly updated in order to match any new risks which could appear on the Internet and it consists of both commercial rules that we get from a security business and custom-written ones that our admins add in case they discover a threat which is not present in the commercial list yet.

ModSecurity in VPS Servers

Security is of the utmost importance to us, so we set up ModSecurity on all VPS servers that are provided with the Hepsia Control Panel as a standard. The firewall can be managed through a dedicated section inside Hepsia and is switched on automatically when you add a new domain or generate a subdomain, so you will not have to do anything by hand. You shall also be able to deactivate it or switch on the so-called detection mode, so it shall keep a log of possible attacks which you can later analyze, but will not stop them. The logs in both passive and active modes offer details regarding the type of the attack and how it was prevented, what IP address it came from and other valuable information that may help you to tighten the security of your sites by updating them or blocking IPs, for example. Beyond the commercial rules which we get for ModSecurity from a third-party security firm, we also employ our own rules because once in a while we identify specific attacks that are not yet present inside the commercial package. That way, we can easily improve the protection of your Virtual private server right away as opposed to waiting for a certified update.

ModSecurity in Dedicated Servers

All our dedicated servers which are set up with the Hepsia hosting Control Panel feature ModSecurity, so any app you upload or install shall be protected from the very beginning and you won't need to concern yourself with common attacks or vulnerabilities. A separate section in Hepsia will allow you to start or stop the firewall for any domain or subdomain, or turn on a detection mode so that it records info about intrusions, but does not take actions to stop them. What you'll find in the logs can enable you to to secure your sites better - the IP address an attack originated from, what website was attacked as well as how, what ModSecurity rule was triggered, and so on. With this data, you can see whether a website needs an update, whether you should block IPs from accessing your server, etcetera. Besides the third-party commercial security rules for ModSecurity we use, our admins add custom ones as well every time they come across a new threat that's not yet included in the commercial bundle.