ModSecurity is a powerful web application layer firewall for Apache web servers. It monitors the whole HTTP traffic to a website without affecting its performance and in case it discovers an intrusion attempt, it prevents it. The firewall additionally keeps a more detailed log for the traffic than any web server does, so you shall manage to keep an eye on what's going on with your websites a lot better than if you rely only on standard logs. ModSecurity works with security rules based on which it helps prevent attacks. For instance, it identifies if anyone is trying to log in to the administrator area of a given script multiple times or if a request is sent to execute a file with a particular command. In such cases these attempts set off the corresponding rules and the firewall software hinders the attempts instantly, after that records in-depth info about them inside its logs. ModSecurity is among the very best software firewalls available and it could easily protect your web apps against many threats and vulnerabilities, particularly in case you don’t update them or their plugins regularly.

ModSecurity in Shared Web Hosting

We offer ModSecurity with all shared web hosting solutions, so your Internet applications shall be protected against destructive attacks. The firewall is turned on by default for all domains and subdomains, but in case you would like, you will be able to stop it via the respective part of your Hepsia Control Panel. You could also switch on a detection mode, so ModSecurity shall keep a log as intended, but will not take any action. The logs that you will find within Hepsia are very detailed and include information about the nature of any attack, when it occurred and from what IP address, the firewall rule that was triggered, and so forth. We use a set of commercial rules that are regularly updated, but sometimes our administrators include custom rules as well so as to better protect the Internet sites hosted on our machines.

ModSecurity in Semi-dedicated Hosting

All semi-dedicated hosting plans which we offer come with ModSecurity and since the firewall is switched on by default, any website that you set up under a domain or a subdomain will be protected right from the start. A separate section within the Hepsia Control Panel that comes with the semi-dedicated accounts is dedicated to ModSecurity and it shall permit you to start and stop the firewall for any Internet site or activate a detection mode. With the last option, ModSecurity will not take any action, but it shall still identify possible attacks and will keep all info within a log as if it were 100% active. The logs can be found inside the exact same section of the CP and they offer information about the IP where an attack came from, what its nature was, what rule ModSecurity applies to recognize and stop it, etcetera. The security rules which we use on our web servers are a mix of commercial ones from a security company and custom ones created by our system administrators. Therefore, we offer higher security for your web programs as we can defend them from attacks before security corporations release updates for brand new threats.

ModSecurity in VPS

ModSecurity is pre-installed on all virtual private servers which are set up with the Hepsia hosting CP, so your web applications shall be protected from the moment your server is in a position. The firewall is switched on by default for any domain or subdomain on the Virtual Private Server, but if required, you'll be able to deactivate it with a mouse click via the corresponding section of Hepsia. You could also set it to work in detection mode, so it'll keep a comprehensive log of any potential attacks without taking any action to prevent them. The logs can be found in the same section and include information regarding the nature of the attack, what IP it came from and what ModSecurity rule was initiated to stop it. For maximum security, we employ not simply commercial rules from a firm working in the field of web security, but also custom ones our admins add personally so as to react to new threats that are still not addressed in the commercial rules.

ModSecurity in Dedicated Hosting

When you decide to host your websites on a dedicated server with the Hepsia CP, your web programs shall be secured straight away as ModSecurity is supplied with all Hepsia-based plans. You'll be able to manage the firewall without difficulty and if needed, you will be able to turn it off or enable its passive mode when it will only keep a log of what is happening without taking any action to prevent potential attacks. The logs which you'll find in the exact same section of the Control Panel are extremely detailed and contain information about the attacker IP, what site and file were attacked and in what way, what rule the firewall employed to stop the intrusion, etc. This info shall allow you to take measures and enhance the security of your Internet sites even more. To be on the safe side, we employ not just commercial rules, but also custom-made ones which our administrators include when they identify attacks that have not yet been included within the commercial pack.