ModSecurity is a highly effective web app layer firewall for Apache web servers. It monitors the entire HTTP traffic to a website without affecting its operation and in case it identifies an intrusion attempt, it prevents it. The firewall also maintains a more detailed log for the site visitors than any web server does, so you shall be able to keep an eye on what's happening with your Internet sites better than if you rely only on conventional logs. ModSecurity works with security rules based on which it stops attacks. For example, it recognizes if someone is trying to log in to the administration area of a certain script a number of times or if a request is sent to execute a file with a specific command. In such cases these attempts trigger the corresponding rules and the firewall software hinders the attempts immediately, then records in-depth info about them in its logs. ModSecurity is one of the most effective software firewalls on the market and it could easily protect your web apps against a huge number of threats and vulnerabilities, particularly if you don’t update them or their plugins regularly.

ModSecurity in Shared Hosting

We provide ModSecurity with all shared hosting plans, so your Internet apps shall be shielded from malicious attacks. The firewall is activated by default for all domains and subdomains, but if you'd like, you will be able to stop it through the respective part of your Hepsia Control Panel. You'll be able to also switch on a detection mode, so ModSecurity will keep a log as intended, but shall not take any action. The logs which you shall discover in Hepsia are extremely detailed and feature info about the nature of any attack, when it took place and from what IP address, the firewall rule which was triggered, etc. We employ a range of commercial rules which are frequently updated, but sometimes our administrators include custom rules as well so as to better protect the websites hosted on our servers.

ModSecurity in Semi-dedicated Hosting

All semi-dedicated hosting packages that we offer come with ModSecurity and since the firewall is switched on by default, any site that you set up under a domain or a subdomain will be secured straight away. An independent section inside the Hepsia Control Panel which comes with the semi-dedicated accounts is dedicated to ModSecurity and it will allow you to stop and start the firewall for any website or switch on a detection mode. With the last option, ModSecurity shall not take any action, but it'll still identify possible attacks and shall keep all info inside a log as if it were 100% active. The logs could be found in the very same section of the Control Panel and they feature information about the IP where an attack originated from, what its nature was, what rule ModSecurity applies to identify and stop it, etcetera. The security rules we use on our machines are a mix between commercial ones from a security company and custom ones developed by our system administrators. Therefore, we provide higher security for your web applications as we can protect them from attacks before security corporations release updates for new threats.

ModSecurity in VPS Web Hosting

All virtual private servers that are offered with the Hepsia Control Panel include ModSecurity. The firewall is set up and switched on by default for all domains that are hosted on the machine, so there will not be anything special that you'll have to do to protect your websites. It'll take you simply a mouse click to stop ModSecurity if required or to turn on its passive mode so that it records what occurs without taking any measures to stop intrusions. You'll be able to look at the logs produced in passive or active mode from the corresponding section of Hepsia and find out more about the form of the attack, where it came from, what rule the firewall employed to tackle it, etc. We use a mix of commercial and custom rules in order to make certain that ModSecurity will prevent as many risks as possible, thus boosting the protection of your web programs as much as possible.

ModSecurity in Dedicated Servers Hosting

All of our dedicated servers which are set up with the Hepsia hosting CP feature ModSecurity, so any program which you upload or install will be secured from the very beginning and you will not have to worry about common attacks or vulnerabilities. A separate section within Hepsia will allow you to start or stop the firewall for any domain or subdomain, or turn on a detection mode so that it records information about intrusions, but doesn't take actions to stop them. What you will find in the logs can easily allow you to to secure your Internet sites better - the IP an attack originated from, what website was attacked and how, what ModSecurity rule was triggered, etc. With this info, you can see whether a site needs an update, if you need to block IPs from accessing your web server, and so forth. On top of the third-party commercial security rules for ModSecurity which we use, our admins include custom ones too if they come across a new threat which is not yet a part of the commercial bundle.