ModSecurity is a potent web app layer firewall for Apache web servers. It monitors the whole HTTP traffic to a site without affecting its overall performance and when it identifies an intrusion attempt, it prevents it. The firewall furthermore maintains a more detailed log for the site visitors than any server does, so you'll be able to monitor what is happening with your sites a lot better than if you rely merely on standard logs. ModSecurity employs security rules based on which it prevents attacks. For instance, it detects if someone is attempting to log in to the administration area of a particular script a number of times or if a request is sent to execute a file with a particular command. In such circumstances these attempts set off the corresponding rules and the firewall software blocks the attempts right away, then records detailed information about them in its logs. ModSecurity is one of the very best software firewalls out there and it could easily protect your web applications against thousands of threats and vulnerabilities, particularly if you don’t update them or their plugins often.

ModSecurity in Web Hosting

ModSecurity can be found with every web hosting package which we offer and it is switched on by default for every domain or subdomain which you add via your Hepsia Control Panel. In case it disrupts any of your programs or you would like to disable it for whatever reason, you will be able to accomplish that through the ModSecurity area of Hepsia with only a click. You can also enable a passive mode, so the firewall will identify potential attacks and keep a log, but shall not take any action. You could view extensive logs in the same section, including the IP where the attack came from, exactly what the attacker tried to do and at what time, what ModSecurity did, etcetera. For max safety of our customers we use a set of commercial firewall rules combined with custom ones which are provided by our system administrators.

ModSecurity in Semi-dedicated Servers

We've integrated ModSecurity by default within all semi-dedicated server packages, so your web applications will be protected as soon as you install them under any domain or subdomain. The Hepsia CP which comes with the semi-dedicated accounts will allow you to activate or turn off the firewall for any Internet site with a mouse click. You shall also have the ability to activate a passive detection mode with which ModSecurity shall maintain a log of potential attacks without actually stopping them. The detailed logs include the nature of the attack and what ModSecurity response that attack triggered, where it originated from, etcetera. The list of rules that we employ is regularly updated as to match any new risks that might appear on the Internet and it features both commercial rules that we get from a security company and custom-written ones that our administrators include in case they discover a threat that's not present within the commercial list yet.

ModSecurity in Dedicated Servers

ModSecurity is offered as standard with all dedicated servers which are set up with the Hepsia Control Panel and is set to “Active” automatically for any domain which you host or subdomain that you create on the web server. In the event that a web application doesn't operate correctly, you may either switch off the firewall or set it to function in passive mode. The second means that ModSecurity shall maintain a log of any potential attack that could happen, but won't take any action to prevent it. The logs generated in active or passive mode will present you with more details about the exact file which was attacked, the nature of the attack and the IP address it originated from, and so on. This info shall enable you to decide what measures you can take to enhance the protection of your Internet sites, such as blocking IPs or performing script and plugin updates. The ModSecurity rules that we employ are updated frequently with a commercial package from a third-party security provider we work with, but sometimes our staff include their own rules also when they find a new potential threat.