ModSecurity is a powerful web app layer firewall for Apache web servers. It monitors the entire HTTP traffic to a website without affecting its performance and if it detects an intrusion attempt, it blocks it. The firewall furthermore keeps a more detailed log for the website visitors than any server does, so you'll manage to keep an eye on what is going on with your sites better than if you rely merely on conventional logs. ModSecurity uses security rules based on which it prevents attacks. For example, it recognizes if someone is attempting to log in to the administration area of a particular script a number of times or if a request is sent to execute a file with a particular command. In these instances these attempts set off the corresponding rules and the firewall blocks the attempts instantly, and then records in-depth information about them inside its logs. ModSecurity is among the very best software firewalls available and it can easily protect your web applications against thousands of threats and vulnerabilities, especially if you don’t update them or their plugins regularly.

ModSecurity in Cloud Hosting

We offer ModSecurity with all cloud hosting plans, so your web apps shall be resistant to harmful attacks. The firewall is activated by default for all domains and subdomains, but if you would like, you shall be able to stop it using the respective section of your Hepsia CP. You could also activate a detection mode, so ModSecurity will keep a log as intended, but will not take any action. The logs which you will discover in Hepsia are very detailed and feature info about the nature of any attack, when it occurred and from what IP address, the firewall rule which was triggered, etc. We employ a range of commercial rules that are regularly updated, but sometimes our admins add custom rules as well in order to better protect the websites hosted on our machines.

ModSecurity in Semi-dedicated Servers

Any web app that you install in your new semi-dedicated server account will be protected by ModSecurity since the firewall is included with all our hosting plans and is turned on by default for any domain and subdomain which you include or create through your Hepsia hosting Control Panel. You will be able to manage ModSecurity through a dedicated section within Hepsia where not simply can you activate or deactivate it entirely, but you may also enable a passive mode, so the firewall won't block anything, but it will still maintain an archive of potential attacks. This takes only a mouse click and you'll be able to view the logs regardless of if ModSecurity is in active or passive mode through the same section - what the attack was and where it came from, how it was taken care of, etc. The firewall employs 2 sets of rules on our web servers - a commercial one which we get from a third-party web security company and a custom one that our administrators update personally in order to respond to newly discovered threats as quickly as possible.

ModSecurity in VPS Servers

ModSecurity is provided with all Hepsia-based VPS servers that we offer and it shall be activated automatically for every new domain or subdomain which you include on the server. This way, any web app you install will be secured from the very beginning without doing anything by hand on your end. The firewall could be handled through the section of the Control Panel which has the same name. This is the location in whichyou can disable ModSecurity or enable its passive mode, so it shall not take any action towards threats, but shall still maintain a comprehensive log. The recorded info is available within the same section as well and you will be able to see what IPs any attacks came from to enable you to stop them, what the nature of the attempted attacks was and based upon what security rules ModSecurity reacted. The rules we use on our servers are a combination between commercial ones which we get from a security company and custom ones that are added by our staff to maximize the security of any web apps hosted on our end.

ModSecurity in Dedicated Servers

When you decide to host your Internet sites on a dedicated server with the Hepsia CP, your web programs will be protected right from the start since ModSecurity is supplied with all Hepsia-based packages. You'll be able to regulate the firewall with ease and if needed, you will be able to turn it off or switch on its passive mode when it will only maintain a log of what's occurring without taking any action to stop potential attacks. The logs which you can find inside the exact same section of the CP are really detailed and contain details about the attacker IP, what website and file were attacked and in what ways, what rule the firewall used to stop the intrusion, and so forth. This info shall enable you to take measures and improve the security of your Internet sites even more. To be on the safe side, we employ not just commercial rules, but also custom-made ones which our administrators add when they recognize attacks which haven't yet been included inside the commercial pack.