ModSecurity is a potent web app layer firewall for Apache web servers. It monitors the whole HTTP traffic to a site without affecting its overall performance and if it detects an intrusion attempt, it blocks it. The firewall furthermore keeps a more detailed log for the website visitors than any server does, so you shall be able to keep an eye on what is going on with your websites much better than if you rely only on standard logs. ModSecurity uses security rules based on which it prevents attacks. For example, it recognizes whether anyone is attempting to log in to the administration area of a certain script several times or if a request is sent to execute a file with a certain command. In such situations these attempts trigger the corresponding rules and the firewall hinders the attempts in real time, and then records comprehensive details about them inside its logs. ModSecurity is amongst the best software firewalls out there and it could easily protect your web applications against thousands of threats and vulnerabilities, especially if you don’t update them or their plugins regularly.

ModSecurity in Hosting

ModSecurity comes standard with all hosting packages which we provide and it will be switched on automatically for any domain or subdomain you add/create inside your Hepsia hosting CP. The firewall has 3 different modes, so you can activate and deactivate it with only a click or set it to detection mode, so it'll keep a log of all attacks, but it will not do anything to prevent them. The log for any of your sites will include comprehensive info such as the nature of the attack, where it originated from, what action was taken by ModSecurity, and so forth. The firewall rules we use are constantly updated and incorporate both commercial ones we get from a third-party security business and custom ones that our system admins add in the event that they detect a new sort of attacks. This way, the websites that you host here shall be way more protected with no action expected on your end.

ModSecurity in Semi-dedicated Hosting

All semi-dedicated hosting plans that we offer come with ModSecurity and given that the firewall is enabled by default, any Internet site which you set up under a domain or a subdomain shall be secured immediately. An individual section in the Hepsia CP that comes with the semi-dedicated accounts is devoted to ModSecurity and it'll enable you to stop and start the firewall for any website or enable a detection mode. With the last option, ModSecurity shall not take any action, but it shall still detect possible attacks and shall keep all info in a log as if it were completely active. The logs can be found in the same section of the Control Panel and they feature info about the IP where an attack originated from, what its nature was, what rule ModSecurity applies to identify and stop it, etcetera. The security rules that we use on our machines are a mix between commercial ones from a security business and custom ones made by our system administrators. For that reason, we provide higher security for your web programs as we can defend them from attacks before security businesses release updates for brand new threats.

ModSecurity in VPS Web Hosting

All virtual private servers which are offered with the Hepsia CP come with ModSecurity. The firewall is installed and switched on by default for all domains which are hosted on the machine, so there shall not be anything special that you'll have to do to protect your Internet sites. It'll take you just a mouse click to stop ModSecurity if required or to turn on its passive mode so that it records what goes on without taking any actions to stop intrusions. You shall be able to look at the logs produced in passive or active mode from the corresponding section of Hepsia and discover more about the type of the attack, where it originated from, what rule the firewall used to tackle it, and so on. We employ a combination of commercial and custom rules so as to make sure that ModSecurity shall prevent as many risks as possible, therefore increasing the security of your web applications as much as possible.

ModSecurity in Dedicated Servers Hosting

ModSecurity is provided with all dedicated servers which are integrated with our Hepsia CP and you'll not have to do anything specific on your end to employ it as it is activated by default whenever you add a new domain or subdomain on your hosting server. If it interferes with any of your applications, you shall be able to stop it via the respective section of Hepsia, or you could leave it working in passive mode, so it'll identify attacks and shall still maintain a log for them, but won't stop them. You'll be able to analyze the logs later to determine what you can do to boost the safety of your websites since you will find information such as where an intrusion attempt originated from, what site was attacked and in accordance with what rule ModSecurity reacted, and so forth. The rules which we use are commercial, therefore they are regularly updated by a security firm, but to be on the safe side, our staff also include custom rules occasionally in order to deal with any new threats they have identified.