ModSecurity is a powerful web application layer firewall for Apache web servers. It monitors the whole HTTP traffic to a website without affecting its performance and in case it identifies an intrusion attempt, it prevents it. The firewall also keeps a more detailed log for the site visitors than any server does, so you shall manage to keep an eye on what is happening with your sites much better than if you rely simply on conventional logs. ModSecurity works with security rules based on which it helps prevent attacks. For instance, it recognizes whether somebody is trying to log in to the administration area of a given script multiple times or if a request is sent to execute a file with a particular command. In these circumstances these attempts trigger the corresponding rules and the firewall hinders the attempts immediately, then records in-depth details about them in its logs. ModSecurity is among the very best software firewalls available and it can easily protect your web applications against thousands of threats and vulnerabilities, especially in case you don’t update them or their plugins frequently.

ModSecurity in Semi-dedicated Servers

ModSecurity is part of our semi-dedicated server plans and if you choose to host your sites with us, there will not be anything special you'll need to do since the firewall is turned on by default for all domains and subdomains that you include through your hosting Control Panel. If needed, you could disable ModSecurity for a particular website or activate the so-called detection mode in which case the firewall shall still operate and record information, but won't do anything to stop possible attacks on your websites. Comprehensive logs will be readily available in your Control Panel and you will be able to see which kind of attacks took place, what security rules were triggered and how the firewall dealt with the threats, what Internet protocol addresses the attacks originated from, and so on. We use two types of rules on our servers - commercial ones from an organization which operates in the field of web security, and custom made ones that our admins sometimes include to respond to newly discovered threats promptly.

ModSecurity in VPS Servers

ModSecurity is provided with all Hepsia-based VPS servers that we offer and it'll be turned on automatically for any new domain or subdomain which you include on the machine. This way, any web app you install shall be protected right away without doing anything by hand on your end. The firewall can be managed through the section of the Control Panel that has the same name. This is the location in whichyou'll be able to disable ModSecurity or enable its passive mode, so it shall not take any action against threats, but shall still maintain a detailed log. The recorded data is available within the same section as well and you will be able to see what IPs any attacks originated from to enable you to block them, what the nature of the attempted attacks was and based on what security rules ModSecurity reacted. The rules which we employ on our servers are a mixture between commercial ones which we get from a security firm and custom ones that are added by our staff to improve the security of any web apps hosted on our end.

ModSecurity in Dedicated Servers

ModSecurity is provided as standard with all dedicated servers which are set up with the Hepsia CP and is set to “Active” automatically for any domain you host or subdomain that you create on the server. In the event that a web app does not operate properly, you can either switch off the firewall or set it to function in passive mode. The second means that ModSecurity shall keep a log of any potential attack which could happen, but shall not take any action to stop it. The logs generated in passive or active mode shall give you additional details about the exact file that was attacked, the type of the attack and the IP it originated from, etc. This information will allow you to determine what steps you can take to enhance the security of your Internet sites, for instance blocking IPs or carrying out script and plugin updates. The ModSecurity rules that we employ are updated constantly with a commercial package from a third-party security enterprise we work with, but occasionally our staff add their own rules also when they find a new potential threat.