ModSecurity is a potent web app layer firewall for Apache web servers. It monitors the whole HTTP traffic to an Internet site without affecting its operation and if it identifies an intrusion attempt, it blocks it. The firewall additionally maintains a more thorough log for the site visitors than any server does, so you'll be able to keep track of what's going on with your sites better than if you rely merely on standard logs. ModSecurity employs security rules based on which it stops attacks. For instance, it identifies if anyone is trying to log in to the administrator area of a specific script a number of times or if a request is sent to execute a file with a certain command. In these instances these attempts set off the corresponding rules and the firewall program blocks the attempts instantly, after that records in-depth details about them within its logs. ModSecurity is one of the best software firewalls on the market and it can easily protect your web apps against a huge number of threats and vulnerabilities, especially if you don’t update them or their plugins often.

ModSecurity in Shared Hosting

ModSecurity is provided with all shared hosting web servers, so if you choose to host your Internet sites with our firm, they'll be protected against a wide range of attacks. The firewall is turned on as standard for all domains and subdomains, so there'll be nothing you will need to do on your end. You'll be able to stop ModSecurity for any Internet site if necessary, or to switch on a detection mode, so that all activity will be recorded, but the firewall shall not take any real action. You will be able to view detailed logs through your Hepsia Control Panel including the IP address where the attack originated from, what the attacker planned to do and how ModSecurity dealt with the threat. As we take the security of our customers' websites seriously, we employ a selection of commercial rules which we get from one of the best companies that maintain such rules. Our admins also include custom rules to make certain that your Internet sites shall be protected against as many risks as possible.

ModSecurity in Semi-dedicated Servers

ModSecurity is a part of our semi-dedicated server plans and if you opt to host your Internet sites with our company, there shall not be anything special you'll have to do since the firewall is turned on by default for all domains and subdomains you add via your hosting Control Panel. If needed, you could disable ModSecurity for a certain website or turn on the so-called detection mode in which case the firewall shall still work and record info, but shall not do anything to stop possible attacks against your Internet sites. In depth logs shall be available inside your CP and you shall be able to see what sort of attacks took place, what security rules were triggered and how the firewall handled the threats, what Internet protocol addresses the attacks originated from, and so on. We use two sorts of rules on our servers - commercial ones from a company that operates in the field of web security, and custom ones which our admins occasionally add to respond to newly identified threats in a timely manner.

ModSecurity in VPS Servers

Protection is vital to us, so we install ModSecurity on all VPS servers that are provided with the Hepsia CP as a standard. The firewall can be managed via a dedicated section within Hepsia and is switched on automatically when you include a new domain or generate a subdomain, so you'll not need to do anything by hand. You will also be able to deactivate it or switch on the so-called detection mode, so it shall keep a log of potential attacks which you can later examine, but won't block them. The logs in both passive and active modes contain info about the form of the attack and how it was stopped, what IP address it came from and other important information that could help you to tighten the security of your Internet sites by updating them or blocking IPs, for example. On top of the commercial rules that we get for ModSecurity from a third-party security firm, we also implement our own rules as occasionally we discover specific attacks that are not yet present within the commercial pack. That way, we can increase the protection of your Virtual private server in a timely manner rather than waiting for a certified update.

ModSecurity in Dedicated Servers

When you decide to host your websites on a dedicated server with the Hepsia Control Panel, your web programs will be secured immediately because ModSecurity is available with all Hepsia-based packages. You'll be able to control the firewall easily and if necessary, you shall be able to turn it off or switch on its passive mode when it will only keep a log of what's occurring without taking any action to prevent possible attacks. The logs which you can find in the same section of the CP are very detailed and include information about the attacker IP address, what site and file were attacked and in what ways, what rule the firewall used to stop the intrusion, etc. This info will permit you to take measures and enhance the security of your sites even more. To be on the safe side, we employ not only commercial rules, but also custom-made ones which our staff include whenever they detect attacks which have not yet been included in the commercial pack.