ModSecurity is a powerful web app layer firewall for Apache web servers. It monitors the entire HTTP traffic to an Internet site without affecting its overall performance and when it identifies an intrusion attempt, it prevents it. The firewall additionally keeps a more detailed log for the site visitors than any server does, so you'll manage to keep track of what is happening with your sites a lot better than if you rely merely on standard logs. ModSecurity employs security rules based on which it helps prevent attacks. For instance, it identifies whether anyone is attempting to log in to the administrator area of a given script multiple times or if a request is sent to execute a file with a certain command. In these situations these attempts set off the corresponding rules and the software hinders the attempts right away, and then records detailed information about them in its logs. ModSecurity is among the best software firewalls out there and it can protect your web applications against thousands of threats and vulnerabilities, especially if you don’t update them or their plugins often.

ModSecurity in Shared Web Hosting

ModSecurity is supplied with all shared web hosting machines, so when you opt to host your sites with our firm, they shall be protected against a wide array of attacks. The firewall is enabled by default for all domains and subdomains, so there'll be nothing you shall have to do on your end. You'll be able to stop ModSecurity for any site if required, or to switch on a detection mode, so that all activity will be recorded, but the firewall won't take any real action. You will be able to view detailed logs through your Hepsia Control Panel including the IP address where the attack originated from, what the attacker wanted to do and how ModSecurity addressed the threat. As we take the security of our clients' sites very seriously, we use a selection of commercial rules that we take from one of the top firms that maintain such rules. Our admins also include custom rules to ensure that your websites shall be shielded from as many risks as possible.

ModSecurity in Semi-dedicated Hosting

All semi-dedicated hosting packages that we offer feature ModSecurity and since the firewall is turned on by default, any site that you build under a domain or a subdomain will be secured right from the start. An independent section within the Hepsia CP which comes with the semi-dedicated accounts is devoted to ModSecurity and it shall allow you to start and stop the firewall for any website or activate a detection mode. With the last mentioned, ModSecurity will not take any action, but it will still detect possible attacks and will keep all info inside a log as if it were fully active. The logs could be found inside the same section of the CP and they include details about the IP where an attack originated from, what its nature was, what rule ModSecurity applies to identify and stop it, and so forth. The security rules which we use on our machines are a mix of commercial ones from a security firm and custom ones developed by our system administrators. For that reason, we offer increased security for your web applications as we can protect them from attacks before security corporations release updates for brand new threats.

ModSecurity in VPS Web Hosting

ModSecurity is pre-installed on all virtual private servers which are set up with the Hepsia hosting CP, so your web programs shall be protected from the instant your server is in a position. The firewall is switched on by default for any domain or subdomain on the Virtual Private Server, but if required, you'll be able to deactivate it with a click of your mouse via the corresponding section of Hepsia. You can also set it to function in detection mode, so it shall maintain an extensive log of any possible attacks without taking any action to prevent them. The logs are available within the same section and include information regarding the nature of the attack, what IP address it came from and what ModSecurity rule was initiated to stop it. For best security, we use not only commercial rules from a firm working in the field of web security, but also custom ones which our admins add manually in order to react to new threats that are still not addressed in the commercial rules.

ModSecurity in Dedicated Servers Hosting

All our dedicated servers which are installed with the Hepsia hosting Control Panel come with ModSecurity, so any app you upload or install shall be secured from the very beginning and you won't need to stress about common attacks or vulnerabilities. An individual section inside Hepsia will enable you to start or stop the firewall for each and every domain or subdomain, or switch on a detection mode so that it records details about intrusions, but does not take actions to stop them. What you shall see in the logs can help you to secure your websites better - the IP an attack originated from, what website was attacked as well as how, what ModSecurity rule was triggered, and so on. With this data, you could see if a site needs an update, if you should block IPs from accessing your hosting server, etcetera. Aside from the third-party commercial security rules for ModSecurity we use, our administrators include custom ones as well if they find a new threat that is not yet in the commercial bundle.