ModSecurity is a highly effective web app layer firewall for Apache web servers. It monitors the whole HTTP traffic to a website without affecting its performance and if it discovers an intrusion attempt, it prevents it. The firewall furthermore maintains a more comprehensive log for the traffic than any server does, so you shall be able to keep an eye on what's happening with your Internet sites better than if you rely simply on conventional logs. ModSecurity uses security rules based on which it stops attacks. For example, it recognizes if someone is trying to log in to the administrator area of a given script a number of times or if a request is sent to execute a file with a certain command. In these situations these attempts set off the corresponding rules and the firewall blocks the attempts right away, after that records detailed information about them inside its logs. ModSecurity is one of the very best software firewalls available and it could easily protect your web applications against thousands of threats and vulnerabilities, particularly in case you don’t update them or their plugins often.

ModSecurity in Cloud Hosting

We provide ModSecurity with all cloud hosting solutions, so your Internet apps will be resistant to destructive attacks. The firewall is activated as standard for all domains and subdomains, but if you would like, you will be able to stop it through the respective part of your Hepsia Control Panel. You'll be able to also switch on a detection mode, so ModSecurity will keep a log as intended, but will not take any action. The logs that you will discover within Hepsia are quite detailed and feature info about the nature of any attack, when it took place and from what IP, the firewall rule that was triggered, etcetera. We use a group of commercial rules that are constantly updated, but sometimes our administrators include custom rules as well in order to better protect the websites hosted on our machines.

ModSecurity in Semi-dedicated Hosting

ModSecurity is part of our semi-dedicated hosting packages and if you opt to host your sites with our company, there will not be anything special you will have to do as the firewall is switched on by default for all domains and subdomains you include using your hosting CP. If necessary, you'll be able to disable ModSecurity for a particular website or turn on the so-called detection mode in which case the firewall shall still operate and record info, but will not do anything to prevent possible attacks on your Internet sites. Thorough logs shall be readily available in your CP and you'll be able to see what sort of attacks happened, what security rules were triggered and how the firewall handled the threats, what Internet protocol addresses the attacks originated from, and so forth. We employ two types of rules on our servers - commercial ones from a company that operates in the field of web security, and custom made ones that our admins often add to respond to newly discovered threats on time.

ModSecurity in VPS

ModSecurity is pre-installed on all virtual private servers which are provided with the Hepsia hosting CP, so your web apps shall be secured from the second your server is in a position. The firewall is activated by default for any domain or subdomain on the VPS, but if needed, you could deactivate it with a mouse click via the corresponding section of Hepsia. You can also set it to function in detection mode, so it'll keep a comprehensive log of any potential attacks without taking any action to prevent them. The logs can be found within the same section and offer info about the nature of the attack, what IP it came from and what ModSecurity rule was initiated to stop it. For best security, we employ not just commercial rules from a business operating in the field of web security, but also custom ones that our administrators add personally in order to respond to new threats which are still not tackled in the commercial rules.

ModSecurity in Dedicated Hosting

All our dedicated servers which are installed with the Hepsia hosting CP include ModSecurity, so any app which you upload or install will be protected from the very beginning and you won't have to worry about common attacks or vulnerabilities. An independent section in Hepsia will enable you to start or stop the firewall for any domain or subdomain, or turn on a detection mode so that it records information regarding intrusions, but does not take actions to prevent them. What you shall discover in the logs can easily help you to secure your sites better - the IP an attack originated from, what site was attacked and in what way, what ModSecurity rule was triggered, etc. With this info, you could see whether a site needs an update, if you ought to block IPs from accessing your web server, etc. Aside from the third-party commercial security rules for ModSecurity that we use, our admins include custom ones too every time they discover a new threat that is not yet included in the commercial bundle.