ModSecurity is a highly effective web app layer firewall for Apache web servers. It monitors the whole HTTP traffic to an Internet site without affecting its performance and if it discovers an intrusion attempt, it prevents it. The firewall furthermore maintains a more comprehensive log for the site visitors than any server does, so you shall manage to keep an eye on what is going on with your Internet sites much better than if you rely merely on standard logs. ModSecurity uses security rules based on which it stops attacks. For instance, it recognizes whether somebody is attempting to log in to the admin area of a given script several times or if a request is sent to execute a file with a certain command. In such circumstances these attempts trigger the corresponding rules and the firewall program blocks the attempts in real time, then records comprehensive information about them inside its logs. ModSecurity is one of the best software firewalls available and it could easily protect your web apps against a huge number of threats and vulnerabilities, particularly if you don’t update them or their plugins regularly.

ModSecurity in Shared Web Hosting

ModSecurity is available on all shared web hosting machines, so if you choose to host your websites with our business, they shall be resistant to an array of attacks. The firewall is enabled by default for all domains and subdomains, so there will be nothing you shall need to do on your end. You shall be able to stop ModSecurity for any website if required, or to switch on a detection mode, so that all activity shall be recorded, but the firewall won't take any real action. You shall be able to view specific logs through your Hepsia Control Panel including the IP where the attack originated from, what the attacker wanted to do and how ModSecurity dealt with the threat. As we take the protection of our clients' websites very seriously, we employ a selection of commercial rules which we take from one of the top companies that maintain this sort of rules. Our admins also include custom rules to make sure that your sites shall be shielded from as many threats as possible.

ModSecurity in Semi-dedicated Hosting

We have incorporated ModSecurity by default within all semi-dedicated hosting packages, so your web apps will be protected the instant you install them under any domain or subdomain. The Hepsia CP which comes with the semi-dedicated accounts will allow you to activate or turn off the firewall for any Internet site with a mouse click. You'll also have the ability to activate a passive detection mode with which ModSecurity shall keep a log of possible attacks without actually preventing them. The thorough logs contain the nature of the attack and what ModSecurity response that attack generated, where it originated from, and so forth. The list of rules we employ is regularly updated as to match any new risks which might appear on the Internet and it comes with both commercial rules that we get from a security company and custom-written ones that our admins add in the event that they discover a threat that is not present inside the commercial list yet.

ModSecurity in VPS Web Hosting

ModSecurity is pre-installed on all virtual private servers that are provided with the Hepsia hosting CP, so your web programs shall be protected from the second your server is in a position. The firewall is switched on by default for any domain or subdomain on the Virtual Private Server, but if required, you can deactivate it with a mouse click from the corresponding section of Hepsia. You can also set it to work in detection mode, so it'll keep a comprehensive log of any possible attacks without taking any action to prevent them. The logs are available in the same section and provide details about the nature of the attack, what IP it originated from and what ModSecurity rule was triggered to stop it. For maximum security, we use not just commercial rules from a firm working in the field of web security, but also custom ones our admins add personally so as to react to new risks which are still not tackled in the commercial rules.

ModSecurity in Dedicated Servers Hosting

All our dedicated servers which are installed with the Hepsia hosting CP feature ModSecurity, so any program you upload or set up will be secured from the very beginning and you won't have to worry about common attacks or vulnerabilities. An independent section within Hepsia will enable you to start or stop the firewall for any domain or subdomain, or switch on a detection mode so that it records info about intrusions, but does not take actions to prevent them. What you shall see in the logs can allow you to to secure your sites better - the IP address an attack came from, what site was attacked and how, what ModSecurity rule was triggered, etc. With this info, you'll be able to see if a website needs an update, if you need to block IPs from accessing your hosting server, and so on. In addition to the third-party commercial security rules for ModSecurity we use, our administrators add custom ones as well when they discover a new threat that's not yet included in the commercial bundle.