ModSecurity is a potent web app layer firewall for Apache web servers. It monitors the whole HTTP traffic to an Internet site without affecting its performance and if it discovers an intrusion attempt, it blocks it. The firewall also maintains a more thorough log for the site visitors than any web server does, so you shall manage to keep an eye on what's happening with your websites much better than if you rely simply on standard logs. ModSecurity uses security rules based on which it helps prevent attacks. For example, it detects whether anyone is attempting to log in to the administrator area of a given script a number of times or if a request is sent to execute a file with a specific command. In such situations these attempts trigger the corresponding rules and the firewall software blocks the attempts right away, after that records in-depth details about them in its logs. ModSecurity is among the most effective software firewalls on the market and it could easily protect your web applications against a huge number of threats and vulnerabilities, especially if you don’t update them or their plugins often.

ModSecurity in Shared Hosting

ModSecurity comes by default with all shared hosting packages that we provide and it'll be activated automatically for any domain or subdomain which you add/create in your Hepsia hosting Control Panel. The firewall has 3 different modes, so you can switch on and disable it with a click or set it to detection mode, so it shall keep a log of all attacks, but it will not do anything to stop them. The log for each of your Internet sites will feature in-depth information including the nature of the attack, where it came from, what action was taken by ModSecurity, and so forth. The firewall rules we use are constantly updated and consist of both commercial ones which we get from a third-party security firm and custom ones that our system administrators include in case that they detect a new kind of attacks. In this way, the sites you host here shall be a lot more secure with no action needed on your end.

ModSecurity in Semi-dedicated Hosting

ModSecurity is part of our semi-dedicated hosting packages and if you decide to host your websites with our company, there won't be anything special you'll have to do given that the firewall is turned on by default for all domains and subdomains which you add through your hosting Control Panel. If necessary, you can disable ModSecurity for a given Internet site or turn on the so-called detection mode in which case the firewall shall still operate and record info, but will not do anything to prevent possible attacks on your sites. Detailed logs will be available within your Control Panel and you will be able to see which kind of attacks happened, what security rules were triggered and how the firewall dealt with the threats, what Internet protocol addresses the attacks came from, etcetera. We employ 2 sorts of rules on our servers - commercial ones from a business which operates in the field of web security, and customized ones that our administrators often include to respond to newly discovered risks promptly.

ModSecurity in VPS Hosting

All virtual private servers which are provided with the Hepsia Control Panel come with ModSecurity. The firewall is installed and activated by default for all domains that are hosted on the web server, so there will not be anything special which you'll need to do to protect your websites. It'll take you a mouse click to stop ModSecurity if needed or to turn on its passive mode so that it records what goes on without taking any measures to stop intrusions. You shall be able to look at the logs created in passive or active mode via the corresponding section of Hepsia and learn more about the form of the attack, where it came from, what rule the firewall employed to take care of it, etcetera. We employ a mixture of commercial and custom rules in order to ensure that ModSecurity will block out as many risks as possible, therefore increasing the protection of your web applications as much as possible.

ModSecurity in Dedicated Web Hosting

All our dedicated servers which are installed with the Hepsia hosting CP feature ModSecurity, so any program you upload or install shall be protected from the very beginning and you won't have to stress about common attacks or vulnerabilities. An individual section in Hepsia will allow you to start or stop the firewall for each domain or subdomain, or switch on a detection mode so that it records information regarding intrusions, but does not take actions to prevent them. What you will discover in the logs can help you to secure your websites better - the IP an attack came from, what website was attacked and how, what ModSecurity rule was triggered, etc. With this data, you could see if a site needs an update, if you need to block IPs from accessing your server, and so on. On top of the third-party commercial security rules for ModSecurity which we use, our admins add custom ones too every time they discover a new threat which is not yet included in the commercial bundle.