ModSecurity is a powerful web application layer firewall for Apache web servers. It monitors the entire HTTP traffic to a site without affecting its functionality and in case it discovers an intrusion attempt, it blocks it. The firewall additionally maintains a more comprehensive log for the site visitors than any server does, so you will manage to keep an eye on what is going on with your sites a lot better than if you rely simply on conventional logs. ModSecurity uses security rules based on which it prevents attacks. For instance, it detects if someone is attempting to log in to the administration area of a specific script several times or if a request is sent to execute a file with a specific command. In such cases these attempts set off the corresponding rules and the firewall hinders the attempts immediately, and then records comprehensive details about them inside its logs. ModSecurity is one of the very best software firewalls available and it could easily protect your web apps against many threats and vulnerabilities, particularly if you don’t update them or their plugins often.

ModSecurity in Cloud Hosting

ModSecurity is offered with each and every cloud hosting solution that we offer and it is turned on by default for every domain or subdomain which you add through your Hepsia CP. If it interferes with any of your programs or you would like to disable it for any reason, you will be able to achieve that through the ModSecurity area of Hepsia with simply a click. You may also enable a passive mode, so the firewall will discover possible attacks and maintain a log, but will not take any action. You could view extensive logs in the very same section, including the IP where the attack came from, what exactly the attacker attempted to do and at what time, what ModSecurity did, and so on. For maximum safety of our clients we use a collection of commercial firewall rules combined with custom ones which are included by our system administrators.

ModSecurity in Semi-dedicated Servers

Any web app which you install inside your new semi-dedicated server account will be protected by ModSecurity as the firewall is provided with all our hosting solutions and is activated by default for any domain and subdomain that you add or create using your Hepsia hosting CP. You will be able to manage ModSecurity through a dedicated area inside Hepsia where not simply could you activate or deactivate it fully, but you could also enable a passive mode, so the firewall shall not block anything, but it'll still keep an archive of potential attacks. This normally requires just a mouse click and you'll be able to see the logs regardless if ModSecurity is in active or passive mode through the same section - what the attack was and where it originated from, how it was dealt with, etc. The firewall employs 2 sets of rules on our servers - a commercial one which we get from a third-party web security company and a custom one that our administrators update manually as to respond to newly discovered risks as quickly as possible.

ModSecurity in VPS Servers

All VPS servers which are set up with the Hepsia Control Panel include ModSecurity. The firewall is installed and activated by default for all domains that are hosted on the server, so there will not be anything special which you shall have to do to protect your Internet sites. It will take you a mouse click to stop ModSecurity if necessary or to activate its passive mode so that it records what happens without taking any actions to stop intrusions. You will be able to view the logs produced in passive or active mode through the corresponding section of Hepsia and discover more about the type of the attack, where it originated from, what rule the firewall used to handle it, etc. We use a mixture of commercial and custom rules in order to make certain that ModSecurity will stop as many risks as possible, therefore increasing the security of your web applications as much as possible.

ModSecurity in Dedicated Servers

If you opt to host your sites on a dedicated server with the Hepsia Control Panel, your web applications will be protected immediately as ModSecurity is provided with all Hepsia-based packages. You'll be able to control the firewall without difficulty and if needed, you'll be able to turn it off or activate its passive mode when it will only keep a log of what is taking place without taking any action to prevent possible attacks. The logs that you'll find in the same section of the CP are extremely detailed and feature information about the attacker IP address, what website and file were attacked and in what ways, what rule the firewall used to prevent the intrusion, and so forth. This info shall allow you to take measures and enhance the protection of your Internet sites even more. To be on the safe side, we use not only commercial rules, but also custom-made ones that our administrators include when they recognize attacks that have not yet been included in the commercial pack.