ModSecurity is a highly effective web app layer firewall for Apache web servers. It monitors the entire HTTP traffic to a website without affecting its operation and if it identifies an intrusion attempt, it blocks it. The firewall also keeps a more thorough log for the site visitors than any web server does, so you shall manage to keep an eye on what is happening with your websites much better than if you rely simply on standard logs. ModSecurity uses security rules based on which it helps prevent attacks. For instance, it recognizes whether someone is attempting to log in to the administrator area of a given script a number of times or if a request is sent to execute a file with a specific command. In these cases these attempts trigger the corresponding rules and the firewall software blocks the attempts in real time, then records in-depth info about them within its logs. ModSecurity is amongst the best software firewalls on the market and it can protect your web applications against a huge number of threats and vulnerabilities, especially if you don’t update them or their plugins often.

ModSecurity in Web Hosting

ModSecurity comes by default with all web hosting plans which we supply and it shall be switched on automatically for any domain or subdomain that you add/create in your Hepsia hosting Control Panel. The firewall has three different modes, so you could activate and deactivate it with just a click or set it to detection mode, so it shall keep a log of all attacks, but it shall not do anything to prevent them. The log for any of your websites will feature detailed info including the nature of the attack, where it came from, what action was taken by ModSecurity, etc. The firewall rules that we use are regularly updated and incorporate both commercial ones which we get from a third-party security company and custom ones which our system admins add in the event that they detect a new kind of attacks. That way, the Internet sites which you host here will be way more secure with no action expected on your end.

ModSecurity in Semi-dedicated Hosting

Any web app you install within your new semi-dedicated hosting account shall be protected by ModSecurity since the firewall is included with all our hosting solutions and is switched on by default for any domain and subdomain you add or create using your Hepsia hosting CP. You will be able to manage ModSecurity through a dedicated area inside Hepsia where not only can you activate or deactivate it completely, but you can also switch on a passive mode, so the firewall will not stop anything, but it shall still keep an archive of potential attacks. This normally requires just a click and you will be able to see the logs regardless if ModSecurity is in passive or active mode through the same section - what the attack was and where it came from, how it was addressed, and so on. The firewall employs 2 groups of rules on our machines - a commercial one which we get from a third-party web security firm and a custom one that our admins update manually as to respond to recently discovered threats immediately.

ModSecurity in VPS Hosting

ModSecurity comes with all Hepsia-based virtual private servers we offer and it'll be turned on automatically for any new domain or subdomain that you include on the server. This way, any web application that you install shall be secured right from the start without doing anything by hand on your end. The firewall can be managed through the section of the CP that has the same name. This is the area in whichyou can switch off ModSecurity or let its passive mode, so it will not take any action towards threats, but shall still keep a detailed log. The recorded information is available inside the same area as well and you shall be able to see what IPs any attacks originated from to enable you to block them, what the nature of the attempted attacks was and in accordance with what security rules ModSecurity responded. The rules we use on our servers are a mixture between commercial ones which we obtain from a security organization and custom ones that are added by our staff to optimize the security of any web applications hosted on our end.

ModSecurity in Dedicated Web Hosting

ModSecurity comes with all dedicated servers which are integrated with our Hepsia Control Panel and you won't need to do anything specific on your end to use it because it is turned on by default each time you add a new domain or subdomain on your hosting server. In the event that it disrupts some of your programs, you will be able to stop it via the respective part of Hepsia, or you could leave it in passive mode, so it will detect attacks and shall still keep a log for them, but won't prevent them. You'll be able to examine the logs later to learn what you can do to enhance the protection of your websites as you shall find info such as where an intrusion attempt came from, what Internet site was attacked and based upon what rule ModSecurity responded, etc. The rules that we employ are commercial, thus they're frequently updated by a security provider, but to be on the safe side, our administrators also include custom rules from time to time in order to respond to any new threats they have identified.