ModSecurity is a potent web application layer firewall for Apache web servers. It monitors the whole HTTP traffic to a site without affecting its overall performance and in case it identifies an intrusion attempt, it prevents it. The firewall furthermore keeps a more thorough log for the traffic than any server does, so you shall manage to monitor what's happening with your websites much better than if you rely only on conventional logs. ModSecurity employs security rules based on which it helps prevent attacks. For example, it detects if somebody is attempting to log in to the administrator area of a certain script several times or if a request is sent to execute a file with a specific command. In these situations these attempts trigger the corresponding rules and the firewall software hinders the attempts immediately, and then records comprehensive information about them in its logs. ModSecurity is one of the best software firewalls on the market and it could easily protect your web applications against a huge number of threats and vulnerabilities, particularly if you don’t update them or their plugins often.

ModSecurity in Cloud Hosting

We offer ModSecurity with all cloud hosting plans, so your Internet apps will be shielded from harmful attacks. The firewall is activated by default for all domains and subdomains, but in case you would like, you will be able to stop it using the respective section of your Hepsia Control Panel. You could also switch on a detection mode, so ModSecurity will keep a log as intended, but shall not take any action. The logs which you will discover in Hepsia are extremely detailed and offer info about the nature of any attack, when it occurred and from what IP address, the firewall rule which was triggered, etcetera. We use a group of commercial rules which are regularly updated, but sometimes our admins add custom rules as well so as to better protect the websites hosted on our machines.

ModSecurity in Semi-dedicated Servers

All semi-dedicated server plans which we offer feature ModSecurity and since the firewall is switched on by default, any Internet site that you create under a domain or a subdomain will be secured immediately. A separate section within the Hepsia CP that comes with the semi-dedicated accounts is devoted to ModSecurity and it will permit you to stop and start the firewall for any site or activate a detection mode. With the last mentioned, ModSecurity won't take any action, but it'll still identify possible attacks and will keep all data within a log as if it were 100% active. The logs can be found in the same section of the CP and they feature information regarding the IP where an attack originated from, what its nature was, what rule ModSecurity applies to recognize and stop it, etc. The security rules we use on our machines are a mix of commercial ones from a security business and custom ones created by our system administrators. As a result, we provide increased security for your web programs as we can protect them from attacks before security companies release updates for brand new threats.

ModSecurity in VPS Servers

ModSecurity is pre-installed on all VPS servers that are provided with the Hepsia hosting CP, so your web applications shall be protected from the moment your server is ready. The firewall is switched on by default for any domain or subdomain on the Virtual Private Server, but if required, you can disable it with a click of your mouse through the corresponding section of Hepsia. You can also set it to work in detection mode, so it shall keep an extensive log of any potential attacks without taking any action to stop them. The logs can be found in the very same section and include information regarding the nature of the attack, what IP it originated from and what ModSecurity rule was activated to stop it. For maximum security, we use not only commercial rules from a business working in the field of web security, but also custom ones that our administrators include personally so as to react to new risks that are still not tackled in the commercial rules.

ModSecurity in Dedicated Servers

All our dedicated servers that are set up with the Hepsia hosting CP feature ModSecurity, so any program that you upload or set up will be protected from the very beginning and you won't have to bother about common attacks or vulnerabilities. An individual section in Hepsia will permit you to start or stop the firewall for each domain or subdomain, or activate a detection mode so that it records information regarding intrusions, but doesn't take actions to prevent them. What you will discover in the logs can enable you to to secure your websites better - the IP address an attack came from, what website was attacked as well as how, what ModSecurity rule was triggered, and so on. With this info, you could see if a website needs an update, if you ought to block IPs from accessing your hosting server, and so on. Besides the third-party commercial security rules for ModSecurity we use, our administrators include custom ones as well whenever they come across a new threat that's not yet a part of the commercial bundle.