ModSecurity is a highly effective web application layer firewall for Apache web servers. It monitors the whole HTTP traffic to an Internet site without affecting its operation and when it detects an intrusion attempt, it blocks it. The firewall furthermore maintains a more thorough log for the site visitors than any web server does, so you shall be able to keep an eye on what's going on with your websites a lot better than if you rely merely on conventional logs. ModSecurity uses security rules based on which it prevents attacks. For example, it detects if somebody is trying to log in to the admin area of a given script several times or if a request is sent to execute a file with a specific command. In such circumstances these attempts trigger the corresponding rules and the software hinders the attempts right away, after that records in-depth information about them in its logs. ModSecurity is amongst the most effective software firewalls available and it can easily protect your web apps against thousands of threats and vulnerabilities, especially if you don’t update them or their plugins regularly.

ModSecurity in Cloud Hosting

ModSecurity comes standard with all cloud hosting packages that we supply and it will be activated automatically for any domain or subdomain that you add/create inside your Hepsia hosting Control Panel. The firewall has 3 different modes, so you'll be able to switch on and deactivate it with a mouse click or set it to detection mode, so it will maintain a log of all attacks, but it shall not do anything to prevent them. The log for any of your websites will contain comprehensive information such as the nature of the attack, where it originated from, what action was taken by ModSecurity, and so on. The firewall rules we use are frequently updated and consist of both commercial ones that we get from a third-party security company and custom ones our system administrators add in the event that they detect a new type of attacks. In this way, the sites which you host here will be much more protected without any action needed on your end.

ModSecurity in Semi-dedicated Servers

All semi-dedicated server solutions that we offer come with ModSecurity and because the firewall is turned on by default, any site you build under a domain or a subdomain shall be secured right away. An independent section within the Hepsia Control Panel which comes with the semi-dedicated accounts is dedicated to ModSecurity and it will enable you to stop and start the firewall for any Internet site or activate a detection mode. With the last mentioned, ModSecurity won't take any action, but it'll still identify possible attacks and shall keep all information within a log as if it were completely active. The logs can be found within the same section of the Control Panel and they feature information about the IP where an attack came from, what its nature was, what rule ModSecurity applies to detect and stop it, and so forth. The security rules which we employ on our machines are a mix of commercial ones from a security company and custom ones created by our system administrators. Therefore, we offer greater security for your web applications as we can defend them from attacks before security companies release updates for completely new threats.

ModSecurity in Dedicated Servers

ModSecurity is available by default with all dedicated servers which are set up with the Hepsia CP and is set to “Active” automatically for any domain you host or subdomain that you create on the web server. In the event that a web application does not work correctly, you can either turn off the firewall or set it to work in passive mode. The latter means that ModSecurity shall maintain a log of any potential attack which could take place, but will not take any action to prevent it. The logs created in active or passive mode will offer you additional details about the exact file that was attacked, the type of the attack and the IP address it came from, etcetera. This information will allow you to choose what steps you can take to enhance the safety of your Internet sites, such as blocking IPs or carrying out script and plugin updates. The ModSecurity rules we employ are updated often with a commercial bundle from a third-party security provider we work with, but oftentimes our administrators add their own rules as well when they find a new potential threat.