ModSecurity is a powerful web application layer firewall for Apache web servers. It monitors the whole HTTP traffic to an Internet site without affecting its operation and in case it discovers an intrusion attempt, it prevents it. The firewall furthermore keeps a more comprehensive log for the site visitors than any server does, so you'll be able to monitor what's going on with your sites better than if you rely only on standard logs. ModSecurity works with security rules based on which it helps prevent attacks. For example, it detects whether anyone is attempting to log in to the administration area of a specific script a number of times or if a request is sent to execute a file with a particular command. In such cases these attempts trigger the corresponding rules and the firewall software hinders the attempts instantly, and then records in-depth details about them inside its logs. ModSecurity is among the best software firewalls out there and it can protect your web applications against thousands of threats and vulnerabilities, especially if you don’t update them or their plugins often.

ModSecurity in Shared Hosting

ModSecurity is offered with every shared hosting plan that we offer and it is switched on by default for any domain or subdomain that you add through your Hepsia Control Panel. In the event that it interferes with any of your apps or you would like to disable it for whatever reason, you will be able to do that through the ModSecurity section of Hepsia with merely a click. You can also activate a passive mode, so the firewall will discover potential attacks and keep a log, but will not take any action. You'll be able to see comprehensive logs in the very same section, including the IP address where the attack originated from, what exactly the attacker tried to do and at what time, what ModSecurity did, etcetera. For max protection of our customers we use a set of commercial firewall rules blended with custom ones that are added by our system admins.

ModSecurity in Semi-dedicated Hosting

Any web application you set up in your new semi-dedicated hosting account shall be protected by ModSecurity as the firewall comes with all our hosting packages and is turned on by default for any domain and subdomain which you add or create via your Hepsia hosting Control Panel. You shall be able to manage ModSecurity through a dedicated area inside Hepsia where not only could you activate or deactivate it fully, but you can also switch on a passive mode, so the firewall will not block anything, but it will still maintain a record of possible attacks. This takes simply a click and you shall be able to look at the logs no matter if ModSecurity is in passive or active mode through the same section - what the attack was and where it originated from, how it was handled, etc. The firewall uses 2 sets of rules on our servers - a commercial one which we get from a third-party web security provider and a custom one that our admins update manually in order to respond to recently discovered threats immediately.

ModSecurity in VPS

Security is of the utmost importance to us, so we install ModSecurity on all virtual private servers which are provided with the Hepsia Control Panel as a standard. The firewall could be managed through a dedicated section in Hepsia and is switched on automatically when you add a new domain or create a subdomain, so you will not need to do anything personally. You shall also be able to disable it or turn on the so-called detection mode, so it will maintain a log of possible attacks you can later analyze, but won't block them. The logs in both passive and active modes offer details about the form of the attack and how it was stopped, what IP it came from and other useful info that could help you to tighten the security of your Internet sites by updating them or blocking IPs, for example. On top of the commercial rules which we get for ModSecurity from a third-party security firm, we also implement our own rules as once in a while we detect specific attacks which aren't yet present inside the commercial group. That way, we could boost the security of your VPS instantly instead of awaiting a certified update.

ModSecurity in Dedicated Hosting

ModSecurity is offered as standard with all dedicated servers that are set up with the Hepsia CP and is set to “Active” automatically for any domain you host or subdomain which you create on the server. Just in case that a web app doesn't operate properly, you could either switch off the firewall or set it to work in passive mode. The latter means that ModSecurity shall maintain a log of any potential attack that might take place, but shall not take any action to prevent it. The logs created in passive or active mode shall provide you with more details about the exact file which was attacked, the nature of the attack and the IP address it originated from, and so on. This info shall enable you to decide what measures you can take to improve the protection of your websites, including blocking IPs or performing script and plugin updates. The ModSecurity rules that we employ are updated frequently with a commercial bundle from a third-party security provider we work with, but sometimes our staff include their own rules too in the event that they come across a new potential threat.