ModSecurity is a powerful web application layer firewall for Apache web servers. It monitors the whole HTTP traffic to a site without affecting its performance and in case it discovers an intrusion attempt, it blocks it. The firewall also maintains a more detailed log for the site visitors than any web server does, so you will be able to monitor what's happening with your Internet sites a lot better than if you rely only on standard logs. ModSecurity uses security rules based on which it prevents attacks. For instance, it detects if anyone is trying to log in to the administrator area of a specific script multiple times or if a request is sent to execute a file with a particular command. In such cases these attempts set off the corresponding rules and the firewall blocks the attempts in real time, and then records in-depth info about them in its logs. ModSecurity is among the best software firewalls available and it can protect your web apps against many threats and vulnerabilities, particularly if you don’t update them or their plugins regularly.

ModSecurity in Website Hosting

ModSecurity is provided with all website hosting machines, so if you opt to host your Internet sites with our organization, they will be resistant to a wide array of attacks. The firewall is enabled as standard for all domains and subdomains, so there shall be nothing you will need to do on your end. You will be able to stop ModSecurity for any Internet site if needed, or to enable a detection mode, so that all activity shall be recorded, but the firewall shall not take any real action. You'll be able to view specific logs through your Hepsia CP including the IP where the attack came from, what the attacker wished to do and how ModSecurity addressed the threat. Since we take the safety of our clients' Internet sites seriously, we use a selection of commercial rules that we take from one of the top companies that maintain this sort of rules. Our admins also add custom rules to ensure that your websites shall be shielded from as many threats as possible.

ModSecurity in Semi-dedicated Servers

Any web program you install inside your new semi-dedicated server account will be protected by ModSecurity since the firewall is provided with all our hosting packages and is turned on by default for any domain and subdomain that you add or create via your Hepsia hosting Control Panel. You will be able to manage ModSecurity through a dedicated area inside Hepsia where not only can you activate or deactivate it fully, but you could also activate a passive mode, so the firewall won't stop anything, but it'll still keep a record of potential attacks. This requires just a mouse click and you shall be able to view the logs regardless if ModSecurity is in passive or active mode through the same section - what the attack was and where it came from, how it was dealt with, and so on. The firewall employs two sets of rules on our web servers - a commercial one which we get from a third-party web security provider and a custom one that our administrators update manually as to respond to recently discovered risks as fast as possible.

ModSecurity in VPS Servers

ModSecurity comes with all Hepsia-based VPS servers which we offer and it shall be activated automatically for any new domain or subdomain you include on the server. That way, any web app that you install shall be secured right from the start without doing anything personally on your end. The firewall can be handled from the section of the Control Panel which has the same name. This is the location in whichyou can turn off ModSecurity or activate its passive mode, so it shall not take any action towards threats, but will still maintain a comprehensive log. The recorded info is available within the same area as well and you shall be able to see what IPs any attacks originated from so that you can stop them, what the nature of the attempted attacks was and based on what security rules ModSecurity responded. The rules that we use on our servers are a combination between commercial ones that we get from a security firm and custom ones that are included by our staff to improve the protection of any web apps hosted on our end.

ModSecurity in Dedicated Servers

When you choose to host your websites on a dedicated server with the Hepsia Control Panel, your web apps will be secured straight away as ModSecurity is available with all Hepsia-based packages. You will be able to regulate the firewall without difficulty and if required, you shall be able to turn it off or switch on its passive mode when it will only maintain a log of what's occurring without taking any action to prevent possible attacks. The logs that you will find in the exact same section of the CP are incredibly detailed and contain information about the attacker IP, what site and file were attacked and in what way, what rule the firewall used to prevent the intrusion, and so forth. This information shall enable you to take measures and boost the security of your Internet sites even more. To be on the safe side, we use not just commercial rules, but also custom-made ones which our staff include when they detect attacks that have not yet been included in the commercial pack.