ModSecurity is a potent web app layer firewall for Apache web servers. It monitors the whole HTTP traffic to a site without affecting its operation and when it detects an intrusion attempt, it blocks it. The firewall also maintains a more comprehensive log for the site visitors than any web server does, so you will be able to keep track of what's happening with your sites much better than if you rely only on standard logs. ModSecurity employs security rules based on which it prevents attacks. For instance, it identifies whether somebody is trying to log in to the administrator area of a given script several times or if a request is sent to execute a file with a specific command. In these circumstances these attempts set off the corresponding rules and the firewall software blocks the attempts in real time, and then records comprehensive details about them within its logs. ModSecurity is amongst the most effective software firewalls on the market and it could easily protect your web applications against many threats and vulnerabilities, particularly in case you don’t update them or their plugins often.

ModSecurity in Shared Hosting

We offer ModSecurity with all shared hosting plans, so your Internet applications will be shielded from destructive attacks. The firewall is switched on by default for all domains and subdomains, but if you would like, you will be able to stop it via the respective part of your Hepsia CP. You'll be able to also switch on a detection mode, so ModSecurity will keep a log as intended, but will not take any action. The logs which you'll find inside Hepsia are quite detailed and feature data about the nature of any attack, when it happened and from what IP, the firewall rule that was triggered, and so on. We employ a range of commercial rules that are frequently updated, but sometimes our administrators add custom rules as well so as to efficiently protect the Internet sites hosted on our machines.

ModSecurity in Semi-dedicated Servers

All semi-dedicated server packages which we offer feature ModSecurity and since the firewall is turned on by default, any website that you set up under a domain or a subdomain shall be secured right from the start. An individual section inside the Hepsia CP which comes with the semi-dedicated accounts is dedicated to ModSecurity and it will permit you to start and stop the firewall for any Internet site or activate a detection mode. With the last option, ModSecurity shall not take any action, but it will still detect possible attacks and will keep all info in a log as if it were fully active. The logs can be found within the exact same section of the CP and they include info about the IP where an attack came from, what its nature was, what rule ModSecurity applies to detect and stop it, and so on. The security rules we employ on our web servers are a mix between commercial ones from a security business and custom ones developed by our system admins. As a result, we offer greater security for your web apps as we can defend them from attacks even before security firms release updates for new threats.

ModSecurity in VPS Servers

All VPS servers which are offered with the Hepsia CP come with ModSecurity. The firewall is set up and turned on by default for all domains which are hosted on the machine, so there won't be anything special that you will have to do to protect your websites. It shall take you only a click to stop ModSecurity if needed or to switch on its passive mode so that it records what occurs without taking any measures to prevent intrusions. You'll be able to see the logs created in passive or active mode through the corresponding section of Hepsia and discover more about the form of the attack, where it came from, what rule the firewall employed to handle it, etcetera. We employ a combination of commercial and custom rules in order to ensure that ModSecurity shall block out as many threats as possible, hence improving the security of your web applications as much as possible.

ModSecurity in Dedicated Servers

All of our dedicated servers that are set up with the Hepsia hosting Control Panel include ModSecurity, so any program which you upload or install shall be properly secured from the very beginning and you will not have to concern yourself with common attacks or vulnerabilities. An independent section inside Hepsia will permit you to start or stop the firewall for every domain or subdomain, or activate a detection mode so that it records information about intrusions, but doesn't take actions to stop them. What you'll find in the logs can enable you to to secure your sites better - the IP an attack originated from, what site was attacked and exactly how, what ModSecurity rule was triggered, etc. With this info, you can see if a website needs an update, whether you ought to block IPs from accessing your server, and so on. In addition to the third-party commercial security rules for ModSecurity we use, our administrators include custom ones too every time they find a new threat which is not yet included in the commercial bundle.