ModSecurity is a highly effective web application layer firewall for Apache web servers. It monitors the entire HTTP traffic to an Internet site without affecting its functionality and in case it detects an intrusion attempt, it blocks it. The firewall furthermore keeps a more comprehensive log for the site visitors than any server does, so you shall be able to keep track of what is happening with your sites much better than if you rely only on standard logs. ModSecurity employs security rules based on which it stops attacks. For example, it recognizes whether anyone is trying to log in to the administrator area of a specific script a number of times or if a request is sent to execute a file with a certain command. In such instances these attempts trigger the corresponding rules and the firewall hinders the attempts in real time, after that records in-depth info about them inside its logs. ModSecurity is amongst the very best software firewalls on the market and it could easily protect your web applications against thousands of threats and vulnerabilities, especially in case you don’t update them or their plugins frequently.

ModSecurity in Website Hosting

ModSecurity comes standard with all website hosting solutions that we offer and it shall be turned on automatically for any domain or subdomain which you add/create inside your Hepsia hosting CP. The firewall has 3 different modes, so you could switch on and deactivate it with only a click or set it to detection mode, so it will maintain a log of all attacks, but it will not do anything to prevent them. The log for any of your sites will feature in-depth information such as the nature of the attack, where it came from, what action was taken by ModSecurity, etcetera. The firewall rules we use are frequently updated and comprise of both commercial ones which we get from a third-party security company and custom ones our system administrators include in the event that they detect a new sort of attacks. That way, the Internet sites which you host here will be much more protected with no action expected on your end.

ModSecurity in Semi-dedicated Hosting

All semi-dedicated hosting plans that we offer include ModSecurity and given that the firewall is turned on by default, any site you set up under a domain or a subdomain shall be protected right from the start. An independent section inside the Hepsia CP which comes with the semi-dedicated accounts is devoted to ModSecurity and it shall enable you to stop and start the firewall for any website or enable a detection mode. With the last option, ModSecurity won't take any action, but it shall still identify possible attacks and will keep all data inside a log as if it were fully active. The logs can be found within the same section of the Control Panel and they offer details about the IP where an attack came from, what its nature was, what rule ModSecurity applies to identify and stop it, etc. The security rules we use on our web servers are a mix between commercial ones from a security firm and custom ones made by our system administrators. Consequently, we provide increased security for your web apps as we can defend them from attacks even before security firms release updates for new threats.

ModSecurity in VPS Web Hosting

ModSecurity is pre-installed on all virtual private servers which are offered with the Hepsia hosting Control Panel, so your web applications will be secured from the instant your server is ready. The firewall is activated by default for any domain or subdomain on the Virtual Private Server, but if required, you could disable it with a click via the corresponding section of Hepsia. You can also set it to operate in detection mode, so it shall maintain an extensive log of any possible attacks without taking any action to stop them. The logs are available within the very same section and offer information regarding the nature of the attack, what IP it came from and what ModSecurity rule was initiated to stop it. For best security, we use not simply commercial rules from a business operating in the field of web security, but also custom ones which our administrators add manually so as to react to new risks which are still not addressed in the commercial rules.

ModSecurity in Dedicated Servers Hosting

All of our dedicated servers that are set up with the Hepsia hosting Control Panel feature ModSecurity, so any application that you upload or install will be secured from the very beginning and you'll not need to bother about common attacks or vulnerabilities. An independent section inside Hepsia will allow you to start or stop the firewall for each domain or subdomain, or activate a detection mode so that it records info about intrusions, but does not take actions to prevent them. What you shall see in the logs can allow you to to secure your sites better - the IP an attack came from, what site was attacked and in what way, what ModSecurity rule was triggered, and so forth. With this information, you'll be able to see if a site needs an update, if you ought to block IPs from accessing your web server, etc. In addition to the third-party commercial security rules for ModSecurity which we use, our admins include custom ones as well every time they come across a new threat which is not yet in the commercial bundle.