ModSecurity is a highly effective web app layer firewall for Apache web servers. It monitors the whole HTTP traffic to an Internet site without affecting its performance and in case it identifies an intrusion attempt, it prevents it. The firewall additionally maintains a more detailed log for the site visitors than any web server does, so you'll be able to keep track of what is happening with your Internet sites much better than if you rely merely on standard logs. ModSecurity employs security rules based on which it prevents attacks. For example, it recognizes if someone is trying to log in to the administration area of a particular script multiple times or if a request is sent to execute a file with a specific command. In these instances these attempts trigger the corresponding rules and the firewall blocks the attempts in real time, and then records in-depth information about them inside its logs. ModSecurity is one of the very best software firewalls out there and it can easily protect your web apps against thousands of threats and vulnerabilities, especially in case you don’t update them or their plugins frequently.

ModSecurity in Shared Web Hosting

We offer ModSecurity with all shared web hosting plans, so your Internet applications will be shielded from malicious attacks. The firewall is switched on as standard for all domains and subdomains, but in case you would like, you shall be able to stop it through the respective part of your Hepsia CP. You'll be able to also activate a detection mode, so ModSecurity will keep a log as intended, but will not take any action. The logs which you shall find within Hepsia are very detailed and feature data about the nature of any attack, when it occurred and from what IP address, the firewall rule which was triggered, and so on. We use a set of commercial rules which are regularly updated, but sometimes our admins add custom rules as well so as to better protect the websites hosted on our servers.

ModSecurity in Semi-dedicated Hosting

ModSecurity is part of our semi-dedicated hosting plans and if you choose to host your Internet sites with our company, there shall not be anything special you will have to do as the firewall is switched on by default for all domains and subdomains you include using your hosting Control Panel. If needed, you could disable ModSecurity for a given website or enable the so-called detection mode in which case the firewall will still function and record information, but won't do anything to stop potential attacks against your websites. Detailed logs shall be accessible inside your CP and you will be able to see what type of attacks took place, what security rules were triggered and how the firewall handled the threats, what IP addresses the attacks came from, etc. We employ 2 kinds of rules on our servers - commercial ones from an organization which operates in the field of web security, and custom made ones which our admins occasionally add to respond to newly identified risks in a timely manner.

ModSecurity in VPS Web Hosting

Security is extremely important to us, so we install ModSecurity on all virtual private servers that are set up with the Hepsia Control Panel as a standard. The firewall could be managed through a dedicated section within Hepsia and is turned on automatically when you include a new domain or create a subdomain, so you'll not need to do anything personally. You will also be able to disable it or activate the so-called detection mode, so it shall maintain a log of possible attacks which you can later analyze, but won't stop them. The logs in both passive and active modes offer details regarding the kind of the attack and how it was stopped, what IP address it originated from and other valuable data which may help you to tighten the security of your websites by updating them or blocking IPs, for instance. On top of the commercial rules we get for ModSecurity from a third-party security enterprise, we also use our own rules because occasionally we identify specific attacks which aren't yet present in the commercial group. That way, we could increase the protection of your Virtual private server in a timely manner rather than awaiting an official update.

ModSecurity in Dedicated Servers Hosting

When you opt to host your websites on a dedicated server with the Hepsia Control Panel, your web apps shall be secured right from the start because ModSecurity is supplied with all Hepsia-based solutions. You'll be able to regulate the firewall with ease and if needed, you will be able to turn it off or switch on its passive mode when it'll only maintain a log of what's occurring without taking any action to prevent possible attacks. The logs which you'll find within the exact same section of the Control Panel are quite detailed and feature data about the attacker IP address, what site and file were attacked and in what way, what rule the firewall used to prevent the intrusion, etcetera. This data will enable you to take measures and increase the security of your websites even more. To be on the safe side, we employ not only commercial rules, but also custom-made ones that our administrators add whenever they identify attacks which haven't yet been included inside the commercial pack.