ModSecurity is a potent web application layer firewall for Apache web servers. It monitors the whole HTTP traffic to a website without affecting its overall performance and if it detects an intrusion attempt, it prevents it. The firewall furthermore maintains a more comprehensive log for the site visitors than any web server does, so you'll be able to keep track of what's happening with your websites a lot better than if you rely simply on standard logs. ModSecurity employs security rules based on which it stops attacks. For instance, it identifies whether anyone is trying to log in to the administrator area of a given script multiple times or if a request is sent to execute a file with a particular command. In these cases these attempts trigger the corresponding rules and the firewall software hinders the attempts instantly, then records in-depth details about them inside its logs. ModSecurity is among the most effective software firewalls available and it can easily protect your web apps against a huge number of threats and vulnerabilities, especially in case you don’t update them or their plugins frequently.

ModSecurity in Cloud Hosting

We provide ModSecurity with all cloud hosting plans, so your web applications will be shielded from malicious attacks. The firewall is switched on as standard for all domains and subdomains, but if you'd like, you will be able to stop it through the respective area of your Hepsia CP. You can also activate a detection mode, so ModSecurity shall keep a log as intended, but shall not take any action. The logs which you'll find inside Hepsia are extremely detailed and include info about the nature of any attack, when it transpired and from what IP address, the firewall rule which was triggered, and so forth. We employ a range of commercial rules that are often updated, but sometimes our administrators include custom rules as well in order to efficiently protect the websites hosted on our servers.

ModSecurity in Semi-dedicated Servers

All semi-dedicated server plans that we offer feature ModSecurity and given that the firewall is switched on by default, any site you create under a domain or a subdomain shall be secured right away. An independent section in the Hepsia CP that comes with the semi-dedicated accounts is devoted to ModSecurity and it'll permit you to stop and start the firewall for any Internet site or enable a detection mode. With the latter, ModSecurity will not take any action, but it shall still detect possible attacks and shall keep all information inside a log as if it were fully active. The logs can be found within the same section of the Control Panel and they feature information about the IP where an attack originated from, what its nature was, what rule ModSecurity applies to identify and stop it, and so on. The security rules which we employ on our web servers are a mix of commercial ones from a security company and custom ones created by our system administrators. For that reason, we offer greater security for your web programs as we can defend them from attacks before security corporations release updates for new threats.

ModSecurity in VPS Servers

ModSecurity is pre-installed on all VPS servers which are set up with the Hepsia hosting Control Panel, so your web apps shall be protected from the second your server is ready. The firewall is switched on by default for any domain or subdomain on the Virtual Private Server, but if required, you could deactivate it with a click of your mouse from the corresponding section of Hepsia. You can also set it to function in detection mode, so it shall maintain an extensive log of any potential attacks without taking any action to stop them. The logs can be found within the same section and offer information regarding the nature of the attack, what IP address it came from and what ModSecurity rule was triggered to stop it. For optimum security, we use not simply commercial rules from a business operating in the field of web security, but also custom ones that our admins add personally in order to respond to new risks that are still not tackled in the commercial rules.

ModSecurity in Dedicated Servers

All of our dedicated servers that are installed with the Hepsia hosting CP feature ModSecurity, so any app that you upload or install shall be secured from the very beginning and you'll not have to worry about common attacks or vulnerabilities. An independent section in Hepsia will allow you to start or stop the firewall for any domain or subdomain, or turn on a detection mode so that it records information regarding intrusions, but does not take actions to prevent them. What you'll discover in the logs can easily allow you to to secure your Internet sites better - the IP address an attack originated from, what site was attacked and exactly how, what ModSecurity rule was triggered, etc. With this info, you could see if a site needs an update, if you should block IPs from accessing your server, and so forth. On top of the third-party commercial security rules for ModSecurity we use, our admins add custom ones too whenever they discover a new threat which is not yet a part of the commercial bundle.