ModSecurity is a potent web application layer firewall for Apache web servers. It monitors the entire HTTP traffic to a website without affecting its overall performance and in case it discovers an intrusion attempt, it prevents it. The firewall also keeps a more detailed log for the site visitors than any server does, so you will be able to keep an eye on what's happening with your websites much better than if you rely only on conventional logs. ModSecurity works with security rules based on which it helps prevent attacks. For instance, it recognizes if somebody is trying to log in to the admin area of a given script several times or if a request is sent to execute a file with a certain command. In these situations these attempts trigger the corresponding rules and the firewall program hinders the attempts immediately, after that records comprehensive information about them in its logs. ModSecurity is among the best software firewalls on the market and it can protect your web apps against thousands of threats and vulnerabilities, especially in case you don’t update them or their plugins frequently.

ModSecurity in Website Hosting

ModSecurity comes by default with all website hosting plans which we supply and it shall be activated automatically for any domain or subdomain that you add/create within your Hepsia hosting CP. The firewall has three different modes, so you'll be able to switch on and disable it with a click or set it to detection mode, so it shall maintain a log of all attacks, but it shall not do anything to stop them. The log for any of your Internet sites will feature detailed information which includes the nature of the attack, where it came from, what action was taken by ModSecurity, and so on. The firewall rules we use are frequently updated and include both commercial ones which we get from a third-party security firm and custom ones that our system administrators include in the event that they detect a new sort of attacks. This way, the sites you host here will be a lot more secure without any action needed on your end.

ModSecurity in Semi-dedicated Hosting

All semi-dedicated hosting packages which we offer include ModSecurity and given that the firewall is enabled by default, any website you set up under a domain or a subdomain will be secured immediately. An independent section in the Hepsia Control Panel which comes with the semi-dedicated accounts is dedicated to ModSecurity and it will enable you to start and stop the firewall for any site or activate a detection mode. With the last option, ModSecurity will not take any action, but it'll still identify possible attacks and will keep all data inside a log as if it were 100% active. The logs could be found inside the very same section of the CP and they offer info about the IP where an attack originated from, what its nature was, what rule ModSecurity applies to recognize and stop it, etc. The security rules that we use on our web servers are a mix between commercial ones from a security company and custom ones created by our system administrators. Consequently, we offer greater security for your web applications as we can shield them from attacks even before security businesses release updates for new threats.

ModSecurity in VPS Web Hosting

ModSecurity is pre-installed on all virtual private servers which are set up with the Hepsia hosting CP, so your web apps shall be protected from the instant your server is in a position. The firewall is activated by default for any domain or subdomain on the Virtual Private Server, but if needed, you can deactivate it with a click through the corresponding section of Hepsia. You may also set it to function in detection mode, so it shall keep an extensive log of any potential attacks without taking any action to prevent them. The logs can be found within the exact same section and offer details about the nature of the attack, what IP address it came from and what ModSecurity rule was initiated to stop it. For optimum security, we use not only commercial rules from a company working in the field of web security, but also custom ones which our administrators include personally in order to respond to new risks that are still not dealt with in the commercial rules.

ModSecurity in Dedicated Servers Hosting

ModSecurity is included with all dedicated servers that are set up with our Hepsia Control Panel and you won't have to do anything specific on your end to use it as it's switched on by default every time you include a new domain or subdomain on your hosting server. In the event that it disrupts some of your programs, you'll be able to stop it via the respective part of Hepsia, or you could leave it operating in passive mode, so it will identify attacks and will still maintain a log for them, but shall not block them. You'll be able to analyze the logs later to learn what you can do to enhance the protection of your Internet sites since you shall find info such as where an intrusion attempt came from, what Internet site was attacked and based upon what rule ModSecurity responded, etcetera. The rules we use are commercial, therefore they are frequently updated by a security provider, but to be on the safe side, our staff also include custom rules every now and then in order to react to any new threats they have discovered.