ModSecurity is a powerful web app layer firewall for Apache web servers. It monitors the entire HTTP traffic to a site without affecting its functionality and in case it identifies an intrusion attempt, it blocks it. The firewall also maintains a more thorough log for the traffic than any web server does, so you shall be able to monitor what's happening with your websites a lot better than if you rely only on standard logs. ModSecurity uses security rules based on which it prevents attacks. For example, it identifies if anyone is attempting to log in to the administrator area of a certain script multiple times or if a request is sent to execute a file with a certain command. In these situations these attempts trigger the corresponding rules and the firewall blocks the attempts right away, then records in-depth details about them within its logs. ModSecurity is one of the best software firewalls on the market and it could easily protect your web applications against thousands of threats and vulnerabilities, especially if you don’t update them or their plugins often.

ModSecurity in Hosting

We provide ModSecurity with all hosting plans, so your Internet apps shall be resistant to malicious attacks. The firewall is switched on by default for all domains and subdomains, but if you'd like, you shall be able to stop it through the respective section of your Hepsia Control Panel. You can also switch on a detection mode, so ModSecurity shall keep a log as intended, but shall not take any action. The logs which you shall find in Hepsia are quite detailed and include information about the nature of any attack, when it happened and from what IP, the firewall rule that was triggered, etcetera. We use a group of commercial rules that are frequently updated, but sometimes our admins add custom rules as well in order to better protect the websites hosted on our servers.

ModSecurity in Semi-dedicated Servers

All semi-dedicated server packages that we offer feature ModSecurity and since the firewall is switched on by default, any site you create under a domain or a subdomain will be protected straight away. An independent section in the Hepsia CP that comes with the semi-dedicated accounts is dedicated to ModSecurity and it shall allow you to start and stop the firewall for any site or enable a detection mode. With the last option, ModSecurity will not take any action, but it shall still identify possible attacks and shall keep all info within a log as if it were completely active. The logs can be found in the same section of the CP and they offer information regarding the IP where an attack came from, what its nature was, what rule ModSecurity applies to identify and stop it, etcetera. The security rules which we use on our machines are a mix of commercial ones from a security business and custom ones made by our system admins. For that reason, we offer increased security for your web programs as we can protect them from attacks before security firms release updates for completely new threats.

ModSecurity in Dedicated Servers

When you opt to host your Internet sites on a dedicated server with the Hepsia CP, your web programs shall be secured straight away since ModSecurity is available with all Hepsia-based packages. You'll be able to regulate the firewall easily and if necessary, you will be able to turn it off or enable its passive mode when it will only maintain a log of what's taking place without taking any action to stop potential attacks. The logs that you'll find in the very same section of the Control Panel are quite detailed and include data about the attacker IP, what website and file were attacked and in what ways, what rule the firewall employed to prevent the intrusion, etc. This info shall permit you to take measures and improve the protection of your sites even more. To be on the safe side, we use not only commercial rules, but also custom-made ones that our admins include whenever they recognize attacks that haven't yet been included within the commercial pack.