ModSecurity is a highly effective web application layer firewall for Apache web servers. It monitors the whole HTTP traffic to a site without affecting its operation and if it identifies an intrusion attempt, it blocks it. The firewall furthermore maintains a more detailed log for the site visitors than any server does, so you will be able to monitor what's happening with your Internet sites much better than if you rely only on standard logs. ModSecurity uses security rules based on which it helps prevent attacks. For instance, it identifies if anyone is attempting to log in to the administration area of a certain script several times or if a request is sent to execute a file with a specific command. In these situations these attempts set off the corresponding rules and the firewall program hinders the attempts in real time, after that records in-depth information about them inside its logs. ModSecurity is amongst the very best software firewalls on the market and it can protect your web apps against a huge number of threats and vulnerabilities, particularly if you don’t update them or their plugins frequently.

ModSecurity in Shared Website Hosting

We offer ModSecurity with all shared website hosting plans, so your Internet apps shall be shielded from destructive attacks. The firewall is switched on as standard for all domains and subdomains, but in case you'd like, you will be able to stop it using the respective area of your Hepsia CP. You could also activate a detection mode, so ModSecurity shall keep a log as intended, but won't take any action. The logs that you will discover in Hepsia are extremely detailed and offer information about the nature of any attack, when it transpired and from what IP address, the firewall rule that was triggered, and so on. We use a set of commercial rules which are frequently updated, but sometimes our administrators add custom rules as well so as to efficiently protect the sites hosted on our machines.

ModSecurity in Semi-dedicated Servers

All semi-dedicated server packages which we offer come with ModSecurity and since the firewall is enabled by default, any website that you create under a domain or a subdomain shall be protected straight away. A separate section inside the Hepsia Control Panel that comes with the semi-dedicated accounts is devoted to ModSecurity and it shall permit you to stop and start the firewall for any site or activate a detection mode. With the latter, ModSecurity won't take any action, but it'll still detect possible attacks and will keep all info in a log as if it were 100% active. The logs can be found within the very same section of the Control Panel and they feature information regarding the IP where an attack originated from, what its nature was, what rule ModSecurity applies to detect and stop it, and so on. The security rules which we employ on our servers are a mix between commercial ones from a security company and custom ones created by our system administrators. Therefore, we offer increased security for your web programs as we can defend them from attacks even before security corporations release updates for completely new threats.

ModSecurity in VPS Servers

All VPS servers which are offered with the Hepsia Control Panel come with ModSecurity. The firewall is set up and switched on by default for all domains that are hosted on the server, so there won't be anything special which you'll need to do to protect your sites. It will take you just a mouse click to stop ModSecurity if necessary or to activate its passive mode so that it records what occurs without taking any steps to prevent intrusions. You shall be able to view the logs produced in active or passive mode from the corresponding section of Hepsia and find out more about the form of the attack, where it originated from, what rule the firewall employed to handle it, and so forth. We use a mixture of commercial and custom rules in order to make sure that ModSecurity will block as many risks as possible, hence increasing the protection of your web apps as much as possible.

ModSecurity in Dedicated Servers

If you choose to host your Internet sites on a dedicated server with the Hepsia CP, your web apps shall be protected immediately as ModSecurity is supplied with all Hepsia-based solutions. You'll be able to manage the firewall with ease and if necessary, you'll be able to turn it off or switch on its passive mode when it'll only maintain a log of what's taking place without taking any action to prevent possible attacks. The logs that you will find within the exact same section of the CP are quite detailed and feature info about the attacker IP, what website and file were attacked and in what ways, what rule the firewall used to prevent the intrusion, etcetera. This info will enable you to take measures and enhance the protection of your websites even more. To be on the safe side, we use not just commercial rules, but also custom-made ones which our admins include whenever they recognize attacks that have not yet been included within the commercial pack.