ModSecurity is a powerful web application layer firewall for Apache web servers. It monitors the whole HTTP traffic to a site without affecting its operation and when it discovers an intrusion attempt, it prevents it. The firewall furthermore keeps a more thorough log for the traffic than any web server does, so you'll manage to keep an eye on what's happening with your sites much better than if you rely merely on conventional logs. ModSecurity uses security rules based on which it helps prevent attacks. For instance, it identifies whether somebody is trying to log in to the administrator area of a given script several times or if a request is sent to execute a file with a particular command. In these instances these attempts trigger the corresponding rules and the firewall program hinders the attempts right away, after that records in-depth info about them inside its logs. ModSecurity is among the most effective software firewalls available and it can protect your web applications against a huge number of threats and vulnerabilities, particularly in case you don’t update them or their plugins frequently.

ModSecurity in Shared Web Hosting

ModSecurity is supplied with all shared web hosting machines, so if you opt to host your Internet sites with our business, they will be protected against a wide array of attacks. The firewall is turned on as standard for all domains and subdomains, so there'll be nothing you'll have to do on your end. You will be able to stop ModSecurity for any site if required, or to switch on a detection mode, so that all activity shall be recorded, but the firewall shall not take any real action. You shall be able to view comprehensive logs using your Hepsia CP including the IP where the attack came from, what the attacker wanted to do and how ModSecurity handled the threat. Since we take the protection of our customers' websites seriously, we employ a set of commercial rules which we take from one of the best companies which maintain this sort of rules. Our admins also add custom rules to make certain that your Internet sites will be shielded from as many risks as possible.

ModSecurity in Semi-dedicated Hosting

Any web program that you set up within your new semi-dedicated hosting account shall be protected by ModSecurity as the firewall comes with all our hosting plans and is turned on by default for any domain and subdomain you add or create through your Hepsia hosting CP. You'll be able to manage ModSecurity via a dedicated section within Hepsia where not simply could you activate or deactivate it completely, but you can also activate a passive mode, so the firewall shall not block anything, but it shall still maintain a record of possible attacks. This requires just a mouse click and you shall be able to see the logs regardless of if ModSecurity is in passive or active mode through the same section - what the attack was and where it originated from, how it was addressed, and so on. The firewall employs two sets of rules on our servers - a commercial one which we get from a third-party web security company and a custom one which our administrators update manually as to respond to recently discovered risks as quickly as possible.

ModSecurity in VPS Hosting

Protection is of the utmost importance to us, so we install ModSecurity on all virtual private servers that are made available with the Hepsia Control Panel by default. The firewall can be managed via a dedicated section within Hepsia and is switched on automatically when you add a new domain or create a subdomain, so you won't need to do anything by hand. You'll also be able to deactivate it or activate the so-called detection mode, so it will keep a log of potential attacks that you can later analyze, but won't prevent them. The logs in both passive and active modes offer info about the kind of the attack and how it was eliminated, what IP it came from and other important data which could help you to tighten the security of your Internet sites by updating them or blocking IPs, for example. In addition to the commercial rules we get for ModSecurity from a third-party security company, we also employ our own rules since once in a while we detect specific attacks which aren't yet present in the commercial group. This way, we can easily increase the security of your VPS promptly instead of awaiting an official update.

ModSecurity in Dedicated Web Hosting

All of our dedicated servers that are installed with the Hepsia hosting Control Panel include ModSecurity, so any app which you upload or set up shall be protected from the very beginning and you'll not have to stress about common attacks or vulnerabilities. A separate section inside Hepsia will permit you to start or stop the firewall for every domain or subdomain, or turn on a detection mode so that it records info about intrusions, but does not take actions to stop them. What you will find in the logs shall allow you to to secure your sites better - the IP an attack originated from, what website was attacked as well as how, what ModSecurity rule was triggered, etcetera. With this information, you can see if an Internet site needs an update, whether you need to block IPs from accessing your server, and so forth. On top of the third-party commercial security rules for ModSecurity that we use, our admins include custom ones too if they discover a new threat which is not yet included in the commercial bundle.