ModSecurity is a powerful web application layer firewall for Apache web servers. It monitors the whole HTTP traffic to an Internet site without affecting its operation and in case it identifies an intrusion attempt, it prevents it. The firewall furthermore keeps a more comprehensive log for the traffic than any server does, so you will be able to monitor what's going on with your Internet sites better than if you rely merely on standard logs. ModSecurity uses security rules based on which it prevents attacks. For instance, it detects whether anyone is attempting to log in to the admin area of a given script a number of times or if a request is sent to execute a file with a particular command. In these situations these attempts trigger the corresponding rules and the firewall hinders the attempts right away, and then records in-depth details about them in its logs. ModSecurity is among the very best software firewalls available and it can protect your web apps against a large number of threats and vulnerabilities, especially in case you don’t update them or their plugins often.

ModSecurity in Shared Hosting

ModSecurity is available with each shared hosting solution that we offer and it's turned on by default for every domain or subdomain which you include through your Hepsia CP. In case it interferes with any of your applications or you'd like to disable it for whatever reason, you shall be able to do this through the ModSecurity section of Hepsia with only a mouse click. You may also use a passive mode, so the firewall will recognize possible attacks and keep a log, but shall not take any action. You'll be able to see detailed logs in the very same section, including the IP address where the attack originated from, what exactly the attacker tried to do and at what time, what ModSecurity did, and so on. For optimum protection of our customers we use a group of commercial firewall rules mixed with custom ones which are provided by our system administrators.

ModSecurity in Semi-dedicated Servers

We have integrated ModSecurity as a standard in all semi-dedicated server products, so your web applications will be protected as soon as you install them under any domain or subdomain. The Hepsia CP which comes with the semi-dedicated accounts will allow you to switch on or turn off the firewall for any site with a mouse click. You'll also have the ability to activate a passive detection mode through which ModSecurity shall maintain a log of potential attacks without really preventing them. The comprehensive logs contain the nature of the attack and what ModSecurity response this attack triggered, where it came from, and so forth. The list of rules we employ is frequently updated in order to match any new threats which may appear on the Internet and it features both commercial rules that we get from a security company and custom-written ones which our administrators include in case they discover a threat that's not present inside the commercial list yet.

ModSecurity in VPS Servers

All VPS servers that are provided with the Hepsia Control Panel include ModSecurity. The firewall is set up and activated by default for all domains that are hosted on the server, so there shall not be anything special that you'll have to do to protect your websites. It shall take you a mouse click to stop ModSecurity if required or to turn on its passive mode so that it records what goes on without taking any actions to stop intrusions. You will be able to view the logs created in active or passive mode via the corresponding section of Hepsia and find out more about the type of the attack, where it originated from, what rule the firewall employed to take care of it, and so on. We employ a mix of commercial and custom rules so as to make sure that ModSecurity will block as many risks as possible, hence increasing the protection of your web apps as much as possible.

ModSecurity in Dedicated Servers

ModSecurity is included with all dedicated servers that are set up with our Hepsia Control Panel and you won't need to do anything specific on your end to use it because it is enabled by default whenever you add a new domain or subdomain on your server. In the event that it interferes with some of your programs, you'll be able to stop it via the respective area of Hepsia, or you could leave it in passive mode, so it'll recognize attacks and shall still keep a log for them, but will not block them. You can analyze the logs later to learn what you can do to improve the security of your websites as you shall find information such as where an intrusion attempt originated from, what Internet site was attacked and based on what rule ModSecurity reacted, and so on. The rules which we employ are commercial, thus they're frequently updated by a security firm, but to be on the safe side, our admins also add custom rules occasionally in order to deal with any new threats they have found.