ModSecurity is a highly effective web application layer firewall for Apache web servers. It monitors the whole HTTP traffic to an Internet site without affecting its operation and if it identifies an intrusion attempt, it prevents it. The firewall also keeps a more thorough log for the site visitors than any web server does, so you shall manage to keep an eye on what is happening with your websites better than if you rely merely on standard logs. ModSecurity uses security rules based on which it stops attacks. For instance, it recognizes if anyone is trying to log in to the administrator area of a given script a number of times or if a request is sent to execute a file with a certain command. In these situations these attempts set off the corresponding rules and the firewall program hinders the attempts immediately, then records in-depth info about them in its logs. ModSecurity is among the best software firewalls out there and it could easily protect your web apps against thousands of threats and vulnerabilities, particularly if you don’t update them or their plugins frequently.

ModSecurity in Hosting

ModSecurity comes standard with all hosting packages that we supply and it will be activated automatically for any domain or subdomain which you add/create within your Hepsia hosting CP. The firewall has 3 different modes, so you'll be able to activate and disable it with a click or set it to detection mode, so it'll maintain a log of all attacks, but it'll not do anything to prevent them. The log for any of your websites will contain comprehensive information such as the nature of the attack, where it originated from, what action was taken by ModSecurity, etcetera. The firewall rules that we use are frequently updated and comprise of both commercial ones which we get from a third-party security firm and custom ones our system admins include in case that they detect a new type of attacks. That way, the websites which you host here will be far more protected without any action required on your end.

ModSecurity in Semi-dedicated Hosting

Any web program you install within your new semi-dedicated hosting account shall be protected by ModSecurity since the firewall is included with all our hosting packages and is activated by default for any domain and subdomain that you include or create via your Hepsia hosting Control Panel. You shall be able to manage ModSecurity through a dedicated section within Hepsia where not only could you activate or deactivate it completely, but you may also switch on a passive mode, so the firewall won't stop anything, but it shall still keep a record of potential attacks. This normally requires just a click and you will be able to look at the logs regardless of if ModSecurity is in active or passive mode through the same section - what the attack was and where it originated from, how it was dealt with, etc. The firewall uses 2 groups of rules on our web servers - a commercial one which we get from a third-party web security provider and a custom one which our administrators update manually as to respond to recently discovered threats as quickly as possible.

ModSecurity in VPS Hosting

All virtual private servers that are offered with the Hepsia CP come with ModSecurity. The firewall is installed and turned on by default for all domains which are hosted on the machine, so there won't be anything special which you shall have to do to protect your websites. It will take you simply a mouse click to stop ModSecurity if necessary or to switch on its passive mode so that it records what happens without taking any steps to prevent intrusions. You will be able to see the logs generated in active or passive mode through the corresponding section of Hepsia and discover more about the type of the attack, where it came from, what rule the firewall employed to deal with it, and so on. We use a mixture of commercial and custom rules in order to make certain that ModSecurity will block out as many threats as possible, consequently increasing the protection of your web applications as much as possible.

ModSecurity in Dedicated Web Hosting

All of our dedicated servers that are installed with the Hepsia hosting CP include ModSecurity, so any app which you upload or install shall be protected from the very beginning and you'll not have to worry about common attacks or vulnerabilities. An individual section inside Hepsia will permit you to start or stop the firewall for any domain or subdomain, or activate a detection mode so that it records info about intrusions, but does not take actions to stop them. What you will find in the logs can easily allow you to to secure your sites better - the IP an attack originated from, what site was attacked and in what way, what ModSecurity rule was triggered, etcetera. With this data, you can see whether an Internet site needs an update, if you should block IPs from accessing your web server, etc. On top of the third-party commercial security rules for ModSecurity which we use, our admins include custom ones as well every time they discover a new threat which is not yet in the commercial bundle.