ModSecurity is a powerful web app layer firewall for Apache web servers. It monitors the whole HTTP traffic to an Internet site without affecting its functionality and when it discovers an intrusion attempt, it prevents it. The firewall furthermore keeps a more detailed log for the traffic than any server does, so you will be able to keep an eye on what is happening with your Internet sites much better than if you rely only on conventional logs. ModSecurity uses security rules based on which it stops attacks. For instance, it detects whether anyone is attempting to log in to the admin area of a certain script several times or if a request is sent to execute a file with a specific command. In these situations these attempts trigger the corresponding rules and the software blocks the attempts right away, after that records in-depth information about them inside its logs. ModSecurity is among the most effective software firewalls out there and it could easily protect your web apps against a large number of threats and vulnerabilities, especially if you don’t update them or their plugins frequently.

ModSecurity in Web Hosting

We offer ModSecurity with all web hosting plans, so your Internet apps shall be resistant to malicious attacks. The firewall is turned on as standard for all domains and subdomains, but if you'd like, you will be able to stop it via the respective area of your Hepsia Control Panel. You could also activate a detection mode, so ModSecurity will keep a log as intended, but won't take any action. The logs which you will find within Hepsia are quite detailed and feature information about the nature of any attack, when it happened and from what IP address, the firewall rule that was triggered, and so forth. We employ a range of commercial rules which are often updated, but sometimes our administrators add custom rules as well so as to efficiently protect the sites hosted on our servers.

ModSecurity in Semi-dedicated Hosting

All semi-dedicated hosting plans which we offer come with ModSecurity and because the firewall is enabled by default, any Internet site which you create under a domain or a subdomain shall be protected immediately. An independent section inside the Hepsia CP which comes with the semi-dedicated accounts is devoted to ModSecurity and it will allow you to start and stop the firewall for any Internet site or activate a detection mode. With the last mentioned, ModSecurity won't take any action, but it shall still detect possible attacks and will keep all data within a log as if it were 100% active. The logs can be found inside the same section of the Control Panel and they offer specifics about the IP where an attack originated from, what its nature was, what rule ModSecurity applies to detect and stop it, etc. The security rules we employ on our servers are a mix between commercial ones from a security firm and custom ones made by our system admins. As a result, we offer higher security for your web programs as we can protect them from attacks even before security firms release updates for new threats.

ModSecurity in VPS Hosting

ModSecurity comes with all Hepsia-based virtual private servers we offer and it'll be activated automatically for every new domain or subdomain you add on the server. In this way, any web application you install shall be protected from the very beginning without doing anything personally on your end. The firewall can be managed through the section of the Control Panel that has the same name. This is the location whereyou'll be able to switch off ModSecurity or let its passive mode, so it won't take any action against threats, but will still maintain a detailed log. The recorded data is available in the same area as well and you'll be able to see what IPs any attacks originated from so that you block them, what the nature of the attempted attacks was and based upon what security rules ModSecurity responded. The rules that we employ on our servers are a mix between commercial ones we obtain from a security firm and custom ones that are added by our admins to enhance the protection of any web applications hosted on our end.

ModSecurity in Dedicated Web Hosting

ModSecurity is included with all dedicated servers which are set up with our Hepsia Control Panel and you'll not need to do anything specific on your end to use it because it's activated by default every time you include a new domain or subdomain on your server. In the event that it interferes with some of your programs, you'll be able to stop it via the respective section of Hepsia, or you could leave it operating in passive mode, so it will identify attacks and will still keep a log for them, but shall not stop them. You can examine the logs later to determine what you can do to enhance the security of your sites since you will find details such as where an intrusion attempt came from, what Internet site was attacked and based on what rule ModSecurity responded, and so on. The rules that we use are commercial, thus they are regularly updated by a security provider, but to be on the safe side, our admins also include custom rules every now and then as to react to any new threats they have identified.