ModSecurity is a potent web application layer firewall for Apache web servers. It monitors the entire HTTP traffic to a website without affecting its operation and in case it discovers an intrusion attempt, it blocks it. The firewall furthermore keeps a more detailed log for the site visitors than any server does, so you will manage to keep track of what is happening with your websites better than if you rely simply on standard logs. ModSecurity works with security rules based on which it helps prevent attacks. For instance, it detects whether someone is trying to log in to the admin area of a particular script a number of times or if a request is sent to execute a file with a particular command. In these instances these attempts trigger the corresponding rules and the software hinders the attempts instantly, and then records detailed info about them in its logs. ModSecurity is amongst the best software firewalls out there and it can easily protect your web applications against a large number of threats and vulnerabilities, particularly if you don’t update them or their plugins often.

ModSecurity in Shared Hosting

We provide ModSecurity with all shared hosting packages, so your web apps will be protected against destructive attacks. The firewall is switched on as standard for all domains and subdomains, but in case you'd like, you will be able to stop it via the respective section of your Hepsia CP. You'll be able to also switch on a detection mode, so ModSecurity will keep a log as intended, but won't take any action. The logs that you will find in Hepsia are very detailed and feature information about the nature of any attack, when it happened and from what IP, the firewall rule which was triggered, and so forth. We use a set of commercial rules which are often updated, but sometimes our admins include custom rules as well so as to better protect the sites hosted on our servers.

ModSecurity in Semi-dedicated Hosting

Any web program you install inside your new semi-dedicated hosting account shall be protected by ModSecurity because the firewall comes with all our hosting packages and is turned on by default for any domain and subdomain you add or create through your Hepsia hosting CP. You'll be able to manage ModSecurity via a dedicated section inside Hepsia where not only can you activate or deactivate it fully, but you may also enable a passive mode, so the firewall shall not stop anything, but it'll still maintain an archive of possible attacks. This normally requires just a click and you shall be able to see the logs regardless if ModSecurity is in active or passive mode through the same section - what the attack was and where it came from, how it was addressed, etc. The firewall employs two groups of rules on our web servers - a commercial one that we get from a third-party web security provider and a custom one that our administrators update personally in order to respond to recently discovered threats at the earliest opportunity.

ModSecurity in VPS

Security is of the utmost importance to us, so we install ModSecurity on all virtual private servers that are provided with the Hepsia CP as a standard. The firewall can be managed through a dedicated section in Hepsia and is turned on automatically when you add a new domain or create a subdomain, so you won't need to do anything personally. You'll also be able to disable it or activate the so-called detection mode, so it will maintain a log of potential attacks you can later study, but will not block them. The logs in both passive and active modes contain information about the kind of the attack and how it was stopped, what IP address it came from and other important info which may help you to tighten the security of your Internet sites by updating them or blocking IPs, for instance. In addition to the commercial rules we get for ModSecurity from a third-party security firm, we also implement our own rules as from time to time we discover specific attacks that aren't yet present inside the commercial group. This way, we could increase the security of your VPS right away as opposed to awaiting a certified update.

ModSecurity in Dedicated Hosting

ModSecurity is available as standard with all dedicated servers that are set up with the Hepsia Control Panel and is set to “Active” automatically for any domain which you host or subdomain which you create on the server. Just in case that a web app does not work properly, you can either switch off the firewall or set it to operate in passive mode. The latter means that ModSecurity will keep a log of any potential attack which might occur, but won't take any action to prevent it. The logs generated in passive or active mode shall provide you with additional details about the exact file that was attacked, the form of the attack and the IP address it originated from, and so on. This information will allow you to choose what measures you can take to enhance the safety of your Internet sites, for instance blocking IPs or carrying out script and plugin updates. The ModSecurity rules we use are updated often with a commercial pack from a third-party security enterprise we work with, but sometimes our administrators add their own rules also in case they identify a new potential threat.