ModSecurity is a potent web application layer firewall for Apache web servers. It monitors the entire HTTP traffic to a website without affecting its functionality and in case it detects an intrusion attempt, it prevents it. The firewall additionally maintains a more comprehensive log for the traffic than any web server does, so you shall be able to monitor what is happening with your sites a lot better than if you rely simply on standard logs. ModSecurity employs security rules based on which it stops attacks. For example, it identifies whether anyone is attempting to log in to the administrator area of a particular script a number of times or if a request is sent to execute a file with a specific command. In these circumstances these attempts trigger the corresponding rules and the firewall software hinders the attempts in real time, after that records detailed details about them in its logs. ModSecurity is one of the best software firewalls out there and it could easily protect your web apps against a large number of threats and vulnerabilities, particularly in case you don’t update them or their plugins often.

ModSecurity in Shared Hosting

ModSecurity is offered with each shared hosting solution that we offer and it's turned on by default for every domain or subdomain which you include via your Hepsia Control Panel. If it disrupts any of your apps or you would like to disable it for some reason, you will be able to achieve that through the ModSecurity section of Hepsia with only a mouse click. You may also activate a passive mode, so the firewall will discover possible attacks and maintain a log, but won't take any action. You can view detailed logs in the very same section, including the IP address where the attack came from, what exactly the attacker tried to do and at what time, what ModSecurity did, etc. For maximum protection of our clients we use a group of commercial firewall rules mixed with custom ones which are provided by our system administrators.

ModSecurity in Semi-dedicated Hosting

All semi-dedicated hosting plans which we offer come with ModSecurity and given that the firewall is turned on by default, any site you create under a domain or a subdomain shall be secured right from the start. A separate section in the Hepsia Control Panel which comes with the semi-dedicated accounts is devoted to ModSecurity and it shall permit you to start and stop the firewall for any website or enable a detection mode. With the last mentioned, ModSecurity won't take any action, but it will still detect possible attacks and will keep all information inside a log as if it were fully active. The logs could be found inside the same section of the Control Panel and they feature specifics about the IP where an attack originated from, what its nature was, what rule ModSecurity applies to detect and stop it, and so forth. The security rules we employ on our machines are a mix of commercial ones from a security business and custom ones made by our system administrators. Consequently, we offer increased security for your web apps as we can defend them from attacks before security corporations release updates for brand new threats.

ModSecurity in Dedicated Hosting

ModSecurity is available by default with all dedicated servers that are set up with the Hepsia CP and is set to “Active” automatically for any domain that you host or subdomain which you create on the server. In the event that a web application doesn't work properly, you could either turn off the firewall or set it to work in passive mode. The latter means that ModSecurity will maintain a log of any potential attack that could happen, but won't take any action to stop it. The logs generated in active or passive mode shall offer you additional details about the exact file that was attacked, the type of the attack and the IP it came from, etc. This information shall allow you to decide what steps you can take to increase the safety of your sites, including blocking IPs or performing script and plugin updates. The ModSecurity rules that we use are updated often with a commercial pack from a third-party security company we work with, but from time to time our administrators include their own rules as well if they come across a new potential threat.