ModSecurity is a highly effective web application layer firewall for Apache web servers. It monitors the entire HTTP traffic to a site without affecting its functionality and when it detects an intrusion attempt, it prevents it. The firewall also maintains a more thorough log for the site visitors than any web server does, so you will be able to monitor what is going on with your sites better than if you rely only on standard logs. ModSecurity works with security rules based on which it stops attacks. For example, it identifies if someone is attempting to log in to the administration area of a particular script several times or if a request is sent to execute a file with a particular command. In these situations these attempts trigger the corresponding rules and the firewall software hinders the attempts right away, after that records in-depth information about them in its logs. ModSecurity is one of the very best software firewalls out there and it can protect your web applications against a large number of threats and vulnerabilities, particularly in case you don’t update them or their plugins regularly.

ModSecurity in Website Hosting

ModSecurity comes by default with all website hosting packages that we provide and it will be turned on automatically for any domain or subdomain you add/create in your Hepsia hosting Control Panel. The firewall has three different modes, so you can switch on and deactivate it with a mouse click or set it to detection mode, so it'll maintain a log of all attacks, but it shall not do anything to stop them. The log for each of your Internet sites shall include detailed info including the nature of the attack, where it came from, what action was taken by ModSecurity, etcetera. The firewall rules we use are frequently updated and incorporate both commercial ones we get from a third-party security business and custom ones which our system admins include in the event that they detect a new type of attacks. This way, the websites you host here will be far more secure without any action needed on your end.

ModSecurity in Semi-dedicated Hosting

We've included ModSecurity as a standard in all semi-dedicated hosting packages, so your web apps will be protected the instant you install them under any domain or subdomain. The Hepsia Control Panel which comes with the semi-dedicated accounts shall allow you to activate or disable the firewall for any site with a mouse click. You will also have the ability to turn on a passive detection mode with which ModSecurity will maintain a log of possible attacks without actually preventing them. The thorough logs contain the nature of the attack and what ModSecurity response this attack initiated, where it came from, etc. The list of rules we use is constantly updated as to match any new threats which could appear on the Internet and it includes both commercial rules that we get from a security company and custom-written ones that our admins include if they discover a threat which is not present inside the commercial list yet.

ModSecurity in VPS Web Hosting

ModSecurity is pre-installed on all virtual private servers which are provided with the Hepsia hosting Control Panel, so your web applications shall be secured from the second your server is ready. The firewall is turned on by default for any domain or subdomain on the Virtual Private Server, but if required, you'll be able to deactivate it with a mouse click through the corresponding section of Hepsia. You could also set it to operate in detection mode, so it'll keep an extensive log of any potential attacks without taking any action to prevent them. The logs are available inside the very same section and include information regarding the nature of the attack, what IP it originated from and what ModSecurity rule was triggered to stop it. For optimum security, we employ not just commercial rules from a firm working in the field of web security, but also custom ones our admins add manually in order to react to new threats that are still not tackled in the commercial rules.

ModSecurity in Dedicated Servers Hosting

All of our dedicated servers which are set up with the Hepsia hosting CP include ModSecurity, so any app that you upload or set up shall be properly secured from the very beginning and you won't have to bother about common attacks or vulnerabilities. An individual section in Hepsia will permit you to start or stop the firewall for each domain or subdomain, or activate a detection mode so that it records information regarding intrusions, but does not take actions to stop them. What you'll see in the logs can easily help you to secure your websites better - the IP an attack came from, what website was attacked as well as how, what ModSecurity rule was triggered, etc. With this data, you'll be able to see whether a site needs an update, whether you ought to block IPs from accessing your web server, etc. Aside from the third-party commercial security rules for ModSecurity that we use, our administrators add custom ones too if they come across a new threat that is not yet in the commercial bundle.