ModSecurity is a potent web app layer firewall for Apache web servers. It monitors the whole HTTP traffic to an Internet site without affecting its functionality and when it detects an intrusion attempt, it blocks it. The firewall furthermore keeps a more detailed log for the traffic than any web server does, so you shall manage to keep track of what's going on with your Internet sites much better than if you rely only on conventional logs. ModSecurity employs security rules based on which it helps prevent attacks. For instance, it recognizes if someone is trying to log in to the administrator area of a certain script multiple times or if a request is sent to execute a file with a particular command. In these cases these attempts trigger the corresponding rules and the firewall blocks the attempts immediately, after that records in-depth information about them in its logs. ModSecurity is one of the best software firewalls available and it can easily protect your web applications against a large number of threats and vulnerabilities, especially if you don’t update them or their plugins often.

ModSecurity in Cloud Website Hosting

We provide ModSecurity with all cloud website hosting packages, so your web apps will be resistant to harmful attacks. The firewall is activated by default for all domains and subdomains, but if you would like, you'll be able to stop it through the respective section of your Hepsia CP. You'll be able to also activate a detection mode, so ModSecurity shall keep a log as intended, but shall not take any action. The logs that you shall find inside Hepsia are incredibly detailed and include information about the nature of any attack, when it happened and from what IP, the firewall rule which was triggered, etcetera. We use a group of commercial rules which are frequently updated, but sometimes our admins add custom rules as well so as to better protect the Internet sites hosted on our machines.

ModSecurity in Semi-dedicated Hosting

Any web application which you set up inside your new semi-dedicated hosting account will be protected by ModSecurity as the firewall is provided with all our hosting packages and is activated by default for any domain and subdomain which you include or create via your Hepsia hosting Control Panel. You'll be able to manage ModSecurity through a dedicated section in Hepsia where not only could you activate or deactivate it completely, but you could also switch on a passive mode, so the firewall will not stop anything, but it'll still keep a record of potential attacks. This requires only a click and you'll be able to view the logs regardless of if ModSecurity is in active or passive mode through the same section - what the attack was and where it originated from, how it was dealt with, etcetera. The firewall uses 2 sets of rules on our machines - a commercial one that we get from a third-party web security firm and a custom one that our admins update manually in order to respond to recently discovered threats immediately.

ModSecurity in VPS Web Hosting

Safety is extremely important to us, so we set up ModSecurity on all virtual private servers which are set up with the Hepsia CP by default. The firewall can be managed through a dedicated section inside Hepsia and is switched on automatically when you include a new domain or create a subdomain, so you won't have to do anything personally. You'll also be able to deactivate it or switch on the so-called detection mode, so it shall maintain a log of possible attacks that you can later analyze, but shall not prevent them. The logs in both passive and active modes include information about the form of the attack and how it was prevented, what IP address it came from and other useful data that might help you to tighten the security of your Internet sites by updating them or blocking IPs, as an example. Besides the commercial rules that we get for ModSecurity from a third-party security firm, we also employ our own rules as once in a while we discover specific attacks which aren't yet present within the commercial pack. This way, we can boost the security of your Virtual private server promptly instead of awaiting a certified update.

ModSecurity in Dedicated Servers Hosting

All our dedicated servers which are installed with the Hepsia hosting Control Panel include ModSecurity, so any application you upload or install will be secured from the very beginning and you won't need to stress about common attacks or vulnerabilities. An independent section inside Hepsia will allow you to start or stop the firewall for any domain or subdomain, or activate a detection mode so that it records details about intrusions, but does not take actions to stop them. What you shall find in the logs can allow you to to secure your websites better - the IP an attack came from, what website was attacked and exactly how, what ModSecurity rule was triggered, and so on. With this data, you'll be able to see if an Internet site needs an update, if you ought to block IPs from accessing your server, etcetera. Aside from the third-party commercial security rules for ModSecurity which we use, our admins include custom ones too whenever they come across a new threat that's not yet in the commercial bundle.