ModSecurity is a highly effective web application layer firewall for Apache web servers. It monitors the whole HTTP traffic to a site without affecting its operation and in case it identifies an intrusion attempt, it prevents it. The firewall furthermore maintains a more comprehensive log for the site visitors than any server does, so you'll be able to monitor what's going on with your Internet sites better than if you rely only on conventional logs. ModSecurity employs security rules based on which it prevents attacks. For example, it recognizes if someone is trying to log in to the admin area of a given script a number of times or if a request is sent to execute a file with a particular command. In these instances these attempts trigger the corresponding rules and the firewall program hinders the attempts right away, and then records comprehensive information about them within its logs. ModSecurity is one of the best software firewalls out there and it can protect your web apps against many threats and vulnerabilities, especially in case you don’t update them or their plugins frequently.

ModSecurity in Hosting

ModSecurity comes standard with all hosting packages that we offer and it'll be switched on automatically for any domain or subdomain which you add/create within your Hepsia hosting CP. The firewall has three different modes, so you'll be able to activate and deactivate it with only a mouse click or set it to detection mode, so it shall maintain a log of all attacks, but it will not do anything to stop them. The log for each of your sites will feature detailed info such as the nature of the attack, where it originated from, what action was taken by ModSecurity, etcetera. The firewall rules that we use are constantly updated and incorporate both commercial ones we get from a third-party security business and custom ones that our system administrators add in case that they detect a new sort of attacks. This way, the sites that you host here shall be way more protected without any action required on your end.

ModSecurity in Semi-dedicated Hosting

All semi-dedicated hosting plans that we offer come with ModSecurity and because the firewall is enabled by default, any Internet site that you build under a domain or a subdomain will be protected straight away. An individual section inside the Hepsia CP which comes with the semi-dedicated accounts is devoted to ModSecurity and it will permit you to start and stop the firewall for any Internet site or switch on a detection mode. With the last option, ModSecurity won't take any action, but it shall still identify possible attacks and shall keep all data within a log as if it were fully active. The logs can be found within the very same section of the CP and they feature details about the IP where an attack originated from, what its nature was, what rule ModSecurity applies to recognize and stop it, etcetera. The security rules which we employ on our machines are a mix of commercial ones from a security firm and custom ones created by our system admins. Consequently, we provide increased security for your web apps as we can protect them from attacks even before security companies release updates for new threats.

ModSecurity in VPS Hosting

ModSecurity is included with all Hepsia-based virtual private servers we offer and it'll be switched on automatically for every new domain or subdomain you add on the web server. That way, any web application which you install shall be secured right away without doing anything manually on your end. The firewall may be handled through the section of the Control Panel which has the same name. This is the location in whichyou can switch off ModSecurity or activate its passive mode, so it shall not take any action against threats, but shall still maintain a detailed log. The recorded data is available inside the same area as well and you'll be able to see what IPs any attacks originated from to enable you to block them, what the nature of the attempted attacks was and based upon what security rules ModSecurity reacted. The rules we employ on our servers are a combination between commercial ones which we obtain from a security firm and custom ones which are added by our admins to maximize the protection of any web apps hosted on our end.

ModSecurity in Dedicated Web Hosting

When you opt to host your Internet sites on a dedicated server with the Hepsia Control Panel, your web programs will be secured straight away because ModSecurity is supplied with all Hepsia-based plans. You will be able to manage the firewall effortlessly and if required, you will be able to turn it off or switch on its passive mode when it will only keep a log of what's happening without taking any action to stop potential attacks. The logs which you'll find within the very same section of the Control Panel are extremely detailed and contain details about the attacker IP address, what site and file were attacked and in what way, what rule the firewall employed to stop the intrusion, and so on. This data will permit you to take measures and boost the protection of your websites even more. To be on the safe side, we use not only commercial rules, but also custom-made ones which our administrators include when they recognize attacks that have not yet been included inside the commercial pack.