ModSecurity is a highly effective web application layer firewall for Apache web servers. It monitors the whole HTTP traffic to an Internet site without affecting its performance and in case it discovers an intrusion attempt, it blocks it. The firewall also maintains a more comprehensive log for the site visitors than any server does, so you will be able to keep track of what is going on with your Internet sites a lot better than if you rely merely on standard logs. ModSecurity works with security rules based on which it prevents attacks. For instance, it recognizes if someone is trying to log in to the administration area of a certain script a number of times or if a request is sent to execute a file with a certain command. In these instances these attempts trigger the corresponding rules and the firewall software blocks the attempts immediately, and then records comprehensive info about them in its logs. ModSecurity is among the very best software firewalls available and it can easily protect your web apps against a huge number of threats and vulnerabilities, especially if you don’t update them or their plugins often.

ModSecurity in Hosting

We offer ModSecurity with all hosting solutions, so your web apps will be protected against destructive attacks. The firewall is switched on as standard for all domains and subdomains, but if you would like, you shall be able to stop it through the respective part of your Hepsia CP. You can also switch on a detection mode, so ModSecurity shall keep a log as intended, but shall not take any action. The logs that you'll find within Hepsia are incredibly detailed and include data about the nature of any attack, when it happened and from what IP address, the firewall rule that was triggered, etcetera. We use a range of commercial rules that are constantly updated, but sometimes our admins add custom rules as well in order to efficiently protect the websites hosted on our servers.

ModSecurity in Semi-dedicated Servers

All semi-dedicated server packages which we offer feature ModSecurity and because the firewall is switched on by default, any website you build under a domain or a subdomain shall be protected right from the start. A separate section inside the Hepsia CP which comes with the semi-dedicated accounts is dedicated to ModSecurity and it'll permit you to stop and start the firewall for any Internet site or activate a detection mode. With the last mentioned, ModSecurity shall not take any action, but it shall still recognize possible attacks and will keep all data within a log as if it were fully active. The logs can be found inside the very same section of the CP and they feature details about the IP where an attack originated from, what its nature was, what rule ModSecurity applies to detect and stop it, and so forth. The security rules which we use on our web servers are a mix between commercial ones from a security firm and custom ones created by our system administrators. Therefore, we provide greater security for your web programs as we can protect them from attacks even before security corporations release updates for brand new threats.

ModSecurity in VPS Servers

ModSecurity comes with all Hepsia-based VPS servers that we offer and it will be activated automatically for any new domain or subdomain that you add on the hosting server. This way, any web app you install will be protected right from the start without doing anything manually on your end. The firewall can be managed via the section of the CP which has the same name. This is the location whereyou'll be able to switch off ModSecurity or enable its passive mode, so it won't take any action toward threats, but shall still keep a comprehensive log. The recorded data is available within the same section as well and you'll be able to see what IPs any attacks came from so that you stop them, what the nature of the attempted attacks was and in accordance with what security rules ModSecurity responded. The rules which we use on our servers are a combination between commercial ones that we obtain from a security company and custom ones that are included by our staff to optimize the security of any web applications hosted on our end.

ModSecurity in Dedicated Servers

All of our dedicated servers which are set up with the Hepsia hosting Control Panel come with ModSecurity, so any program you upload or install shall be protected from the very beginning and you will not need to stress about common attacks or vulnerabilities. An independent section inside Hepsia will permit you to start or stop the firewall for each and every domain or subdomain, or activate a detection mode so that it records details about intrusions, but doesn't take actions to stop them. What you will see in the logs can allow you to to secure your Internet sites better - the IP address an attack came from, what website was attacked and how, what ModSecurity rule was triggered, etcetera. With this data, you can see if a website needs an update, whether you should block IPs from accessing your hosting server, etc. Besides the third-party commercial security rules for ModSecurity which we use, our administrators add custom ones too whenever they discover a new threat that's not yet in the commercial bundle.