ModSecurity is a powerful web application layer firewall for Apache web servers. It monitors the entire HTTP traffic to a site without affecting its functionality and in case it identifies an intrusion attempt, it prevents it. The firewall furthermore maintains a more thorough log for the site visitors than any web server does, so you shall be able to keep track of what's going on with your websites better than if you rely simply on standard logs. ModSecurity uses security rules based on which it stops attacks. For example, it detects if somebody is attempting to log in to the admin area of a certain script multiple times or if a request is sent to execute a file with a certain command. In these situations these attempts set off the corresponding rules and the firewall program blocks the attempts in real time, then records comprehensive information about them inside its logs. ModSecurity is among the most effective software firewalls available and it can easily protect your web applications against thousands of threats and vulnerabilities, especially if you don’t update them or their plugins frequently.

ModSecurity in Web Hosting

ModSecurity can be found with each and every web hosting package that we provide and it is turned on by default for every domain or subdomain that you include via your Hepsia Control Panel. In the event that it disrupts any of your apps or you would like to disable it for some reason, you shall be able to do that through the ModSecurity section of Hepsia with only a click. You could also enable a passive mode, so the firewall will discover potential attacks and maintain a log, but shall not take any action. You can view comprehensive logs in the exact same section, including the IP where the attack came from, exactly what the attacker attempted to do and at what time, what ModSecurity did, etcetera. For maximum protection of our clients we use a group of commercial firewall rules combined with custom ones that are added by our system admins.

ModSecurity in Semi-dedicated Hosting

All semi-dedicated hosting solutions which we offer come with ModSecurity and given that the firewall is turned on by default, any Internet site that you create under a domain or a subdomain shall be secured right away. An independent section inside the Hepsia CP which comes with the semi-dedicated accounts is dedicated to ModSecurity and it shall enable you to stop and start the firewall for any Internet site or activate a detection mode. With the last mentioned, ModSecurity shall not take any action, but it shall still recognize possible attacks and will keep all info in a log as if it were completely active. The logs can be found in the exact same section of the CP and they include information regarding the IP where an attack came from, what its nature was, what rule ModSecurity applies to detect and stop it, etcetera. The security rules that we employ on our web servers are a mix of commercial ones from a security business and custom ones made by our system administrators. Consequently, we provide increased security for your web applications as we can shield them from attacks before security businesses release updates for new threats.

ModSecurity in VPS

ModSecurity is provided with all Hepsia-based virtual private servers which we offer and it will be switched on automatically for every new domain or subdomain that you include on the hosting server. That way, any web app that you install shall be secured from the very beginning without doing anything by hand on your end. The firewall may be handled through the section of the Control Panel that has the same name. This is the area whereyou could turn off ModSecurity or let its passive mode, so it shall not take any action against threats, but will still maintain a comprehensive log. The recorded data is available in the same area as well and you'll be able to see what IPs any attacks originated from so that you stop them, what the nature of the attempted attacks was and based on what security rules ModSecurity reacted. The rules that we employ on our servers are a mix between commercial ones which we obtain from a security company and custom ones which are included by our staff to maximize the security of any web applications hosted on our end.

ModSecurity in Dedicated Hosting

All our dedicated servers which are installed with the Hepsia hosting Control Panel come with ModSecurity, so any application which you upload or install will be protected from the very beginning and you'll not need to bother about common attacks or vulnerabilities. A separate section within Hepsia will enable you to start or stop the firewall for each and every domain or subdomain, or switch on a detection mode so that it records info about intrusions, but does not take actions to stop them. What you shall find in the logs shall enable you to to secure your websites better - the IP an attack originated from, what site was attacked as well as how, what ModSecurity rule was triggered, and so on. With this information, you'll be able to see if a website needs an update, if you need to block IPs from accessing your hosting server, and so forth. Besides the third-party commercial security rules for ModSecurity we use, our admins add custom ones too every time they find a new threat that is not yet a part of the commercial bundle.