ModSecurity is a potent web app layer firewall for Apache web servers. It monitors the entire HTTP traffic to a website without affecting its overall performance and in case it discovers an intrusion attempt, it blocks it. The firewall furthermore keeps a more thorough log for the traffic than any server does, so you will manage to keep track of what is going on with your websites a lot better than if you rely merely on standard logs. ModSecurity works with security rules based on which it stops attacks. For instance, it recognizes if someone is attempting to log in to the administration area of a certain script a number of times or if a request is sent to execute a file with a specific command. In such circumstances these attempts set off the corresponding rules and the firewall software hinders the attempts in real time, and then records in-depth information about them inside its logs. ModSecurity is among the best software firewalls out there and it can protect your web apps against a large number of threats and vulnerabilities, particularly in case you don’t update them or their plugins frequently.

ModSecurity in Website Hosting

ModSecurity is available with every single website hosting package that we provide and it's switched on by default for any domain or subdomain that you include through your Hepsia Control Panel. In case it disrupts any of your applications or you'd like to disable it for any reason, you'll be able to do this through the ModSecurity section of Hepsia with simply a click. You may also enable a passive mode, so the firewall will identify potential attacks and maintain a log, but shall not take any action. You can see comprehensive logs in the same section, including the IP address where the attack came from, what precisely the attacker attempted to do and at what time, what ModSecurity did, etcetera. For max security of our customers we use a group of commercial firewall rules mixed with custom ones that are provided by our system admins.

ModSecurity in Semi-dedicated Servers

We have included ModSecurity as a standard within all semi-dedicated server products, so your web applications will be protected whenever you install them under any domain or subdomain. The Hepsia CP that is included with the semi-dedicated accounts will permit you to activate or turn off the firewall for any site with a click. You'll also be able to turn on a passive detection mode in which ModSecurity shall keep a log of possible attacks without really preventing them. The detailed logs contain the nature of the attack and what ModSecurity response this attack activated, where it originated from, and so forth. The list of rules we use is constantly updated in order to match any new threats which could appear on the Internet and it comes with both commercial rules that we get from a security corporation and custom-written ones that our admins add in case they find a threat that's not present inside the commercial list yet.

ModSecurity in Dedicated Servers

All our dedicated servers which are installed with the Hepsia hosting Control Panel feature ModSecurity, so any app you upload or install will be secured from the very beginning and you won't have to concern yourself with common attacks or vulnerabilities. A separate section within Hepsia will permit you to start or stop the firewall for each domain or subdomain, or switch on a detection mode so that it records details about intrusions, but doesn't take actions to prevent them. What you shall see in the logs can enable you to to secure your sites better - the IP an attack originated from, what site was attacked and exactly how, what ModSecurity rule was triggered, etcetera. With this data, you'll be able to see if a site needs an update, whether you should block IPs from accessing your server, and so on. On top of the third-party commercial security rules for ModSecurity that we use, our administrators add custom ones as well when they come across a new threat which is not yet in the commercial bundle.