ModSecurity is a powerful web app layer firewall for Apache web servers. It monitors the entire HTTP traffic to a website without affecting its performance and in case it identifies an intrusion attempt, it blocks it. The firewall additionally maintains a more thorough log for the traffic than any server does, so you shall manage to keep track of what's going on with your sites a lot better than if you rely simply on standard logs. ModSecurity employs security rules based on which it helps prevent attacks. For instance, it identifies whether somebody is trying to log in to the administrator area of a particular script a number of times or if a request is sent to execute a file with a certain command. In such circumstances these attempts set off the corresponding rules and the firewall program hinders the attempts immediately, then records in-depth information about them in its logs. ModSecurity is one of the best software firewalls out there and it can easily protect your web apps against thousands of threats and vulnerabilities, particularly in case you don’t update them or their plugins regularly.

ModSecurity in Shared Hosting

ModSecurity comes by default with all shared hosting solutions that we offer and it shall be switched on automatically for any domain or subdomain you add/create in your Hepsia hosting Control Panel. The firewall has 3 different modes, so you could switch on and disable it with a click or set it to detection mode, so it will keep a log of all attacks, but it will not do anything to stop them. The log for each of your sites shall include comprehensive information such as the nature of the attack, where it came from, what action was taken by ModSecurity, etc. The firewall rules which we use are constantly updated and include both commercial ones we get from a third-party security firm and custom ones our system admins include in the event that they detect a new type of attacks. In this way, the Internet sites that you host here shall be much more secure with no action required on your end.

ModSecurity in Semi-dedicated Hosting

We have included ModSecurity by default in all semi-dedicated hosting plans, so your web apps will be protected whenever you set them up under any domain or subdomain. The Hepsia Control Panel that comes with the semi-dedicated accounts shall permit you to activate or turn off the firewall for any Internet site with a click. You'll also have the ability to switch on a passive detection mode in which ModSecurity will keep a log of possible attacks without really stopping them. The thorough logs include the nature of the attack and what ModSecurity response that attack triggered, where it originated from, and so forth. The list of rules we employ is regularly updated as to match any new risks that could appear on the Internet and it features both commercial rules that we get from a security corporation and custom-written ones that our administrators include if they discover a threat that is not present inside the commercial list yet.

ModSecurity in VPS Hosting

All virtual private servers which are offered with the Hepsia CP feature ModSecurity. The firewall is set up and activated by default for all domains that are hosted on the machine, so there shall not be anything special which you'll need to do to protect your websites. It will take you only a click to stop ModSecurity if necessary or to turn on its passive mode so that it records what occurs without taking any actions to stop intrusions. You will be able to view the logs produced in passive or active mode through the corresponding section of Hepsia and find out more about the form of the attack, where it came from, what rule the firewall employed to tackle it, and so forth. We use a mixture of commercial and custom rules so as to make certain that ModSecurity will stop as many threats as possible, thus increasing the protection of your web applications as much as possible.

ModSecurity in Dedicated Web Hosting

All of our dedicated servers which are set up with the Hepsia hosting CP feature ModSecurity, so any application you upload or set up shall be properly secured from the very beginning and you won't need to stress about common attacks or vulnerabilities. An independent section within Hepsia will allow you to start or stop the firewall for each and every domain or subdomain, or activate a detection mode so that it records info about intrusions, but doesn't take actions to stop them. What you shall see in the logs shall allow you to to secure your Internet sites better - the IP address an attack originated from, what site was attacked and how, what ModSecurity rule was triggered, and so on. With this info, you can see if an Internet site needs an update, whether you ought to block IPs from accessing your server, etc. Aside from the third-party commercial security rules for ModSecurity that we use, our admins add custom ones as well if they find a new threat that's not yet included in the commercial bundle.