ModSecurity is a highly effective web app layer firewall for Apache web servers. It monitors the whole HTTP traffic to a site without affecting its functionality and if it identifies an intrusion attempt, it prevents it. The firewall additionally keeps a more thorough log for the traffic than any server does, so you will manage to keep track of what is happening with your Internet sites better than if you rely only on standard logs. ModSecurity employs security rules based on which it stops attacks. For instance, it identifies whether someone is attempting to log in to the admin area of a given script a number of times or if a request is sent to execute a file with a specific command. In these instances these attempts trigger the corresponding rules and the firewall software hinders the attempts right away, then records in-depth details about them in its logs. ModSecurity is amongst the most effective software firewalls on the market and it can protect your web apps against a huge number of threats and vulnerabilities, especially if you don’t update them or their plugins often.

ModSecurity in Web Hosting

ModSecurity is available with each and every web hosting package which we offer and it's activated by default for any domain or subdomain which you include through your Hepsia CP. If it disrupts any of your apps or you'd like to disable it for whatever reason, you'll be able to do this through the ModSecurity area of Hepsia with merely a mouse click. You can also activate a passive mode, so the firewall will detect potential attacks and maintain a log, but won't take any action. You could see comprehensive logs in the same section, including the IP where the attack came from, exactly what the attacker aimed to do and at what time, what ModSecurity did, etc. For max protection of our clients we use a group of commercial firewall rules mixed with custom ones which are provided by our system admins.

ModSecurity in Semi-dedicated Hosting

All semi-dedicated hosting solutions which we offer include ModSecurity and since the firewall is enabled by default, any site that you set up under a domain or a subdomain will be secured straight away. A separate section inside the Hepsia CP which comes with the semi-dedicated accounts is dedicated to ModSecurity and it will permit you to stop and start the firewall for any Internet site or activate a detection mode. With the latter, ModSecurity shall not take any action, but it shall still recognize possible attacks and shall keep all information inside a log as if it were fully active. The logs can be found within the exact same section of the CP and they feature information about the IP where an attack came from, what its nature was, what rule ModSecurity applies to identify and stop it, etc. The security rules we employ on our machines are a mix of commercial ones from a security company and custom ones made by our system admins. As a result, we provide increased security for your web applications as we can protect them from attacks before security firms release updates for new threats.

ModSecurity in VPS

ModSecurity comes with all Hepsia-based virtual private servers which we offer and it will be activated automatically for any new domain or subdomain which you include on the machine. This way, any web app you install shall be secured from the very beginning without doing anything manually on your end. The firewall may be managed via the section of the CP that has the same name. This is the area whereyou can disable ModSecurity or let its passive mode, so it shall not take any action toward threats, but shall still keep a thorough log. The recorded information is available in the same section as well and you will be able to see what IPs any attacks originated from so that you stop them, what the nature of the attempted attacks was and based upon what security rules ModSecurity reacted. The rules that we employ on our servers are a blend between commercial ones we get from a security company and custom ones that are included by our admins to optimize the security of any web apps hosted on our end.

ModSecurity in Dedicated Hosting

All our dedicated servers which are installed with the Hepsia hosting Control Panel feature ModSecurity, so any program you upload or set up will be properly secured from the very beginning and you won't need to concern yourself with common attacks or vulnerabilities. An independent section inside Hepsia will allow you to start or stop the firewall for any domain or subdomain, or switch on a detection mode so that it records info about intrusions, but does not take actions to prevent them. What you will see in the logs shall enable you to to secure your websites better - the IP an attack came from, what website was attacked and in what way, what ModSecurity rule was triggered, etcetera. With this information, you can see whether a site needs an update, whether you ought to block IPs from accessing your web server, and so on. Aside from the third-party commercial security rules for ModSecurity that we use, our administrators add custom ones too when they discover a new threat which is not yet a part of the commercial bundle.