ModSecurity is a potent web app layer firewall for Apache web servers. It monitors the whole HTTP traffic to a site without affecting its performance and when it detects an intrusion attempt, it prevents it. The firewall additionally maintains a more comprehensive log for the website visitors than any web server does, so you shall manage to keep track of what is happening with your sites a lot better than if you rely merely on conventional logs. ModSecurity uses security rules based on which it prevents attacks. For instance, it recognizes if somebody is attempting to log in to the admin area of a given script several times or if a request is sent to execute a file with a particular command. In these cases these attempts set off the corresponding rules and the firewall program blocks the attempts in real time, and then records in-depth information about them inside its logs. ModSecurity is one of the very best software firewalls on the market and it could easily protect your web applications against thousands of threats and vulnerabilities, especially in case you don’t update them or their plugins frequently.

ModSecurity in Web Hosting

We provide ModSecurity with all web hosting packages, so your Internet apps will be shielded from destructive attacks. The firewall is switched on as standard for all domains and subdomains, but in case you would like, you'll be able to stop it using the respective part of your Hepsia CP. You can also activate a detection mode, so ModSecurity shall keep a log as intended, but shall not take any action. The logs which you'll find in Hepsia are extremely detailed and include info about the nature of any attack, when it happened and from what IP address, the firewall rule that was triggered, etcetera. We employ a group of commercial rules that are regularly updated, but sometimes our admins add custom rules as well so as to better protect the sites hosted on our machines.

ModSecurity in Semi-dedicated Hosting

We have integrated ModSecurity as a standard in all semi-dedicated hosting plans, so your web applications shall be protected as soon as you set them up under any domain or subdomain. The Hepsia CP which is included with the semi-dedicated accounts will allow you to enable or disable the firewall for any Internet site with a mouse click. You'll also have the ability to activate a passive detection mode through which ModSecurity will keep a log of possible attacks without really preventing them. The comprehensive logs include things like the nature of the attack and what ModSecurity response that attack triggered, where it originated from, etcetera. The list of rules which we use is constantly updated in order to match any new threats that could appear on the Internet and it consists of both commercial rules that we get from a security corporation and custom-written ones that our admins include if they find a threat which is not present in the commercial list yet.

ModSecurity in VPS Web Hosting

Safety is essential to us, so we set up ModSecurity on all virtual private servers which are set up with the Hepsia CP as a standard. The firewall could be managed via a dedicated section inside Hepsia and is activated automatically when you add a new domain or generate a subdomain, so you won't need to do anything personally. You will also be able to deactivate it or turn on the so-called detection mode, so it shall keep a log of possible attacks which you can later study, but won't prevent them. The logs in both passive and active modes include info about the form of the attack and how it was eliminated, what IP it originated from and other important info which may help you to tighten the security of your sites by updating them or blocking IPs, for example. Beyond the commercial rules which we get for ModSecurity from a third-party security firm, we also use our own rules as from time to time we identify specific attacks which are not yet present in the commercial pack. This way, we can easily improve the security of your Virtual private server in a timely manner rather than waiting for an official update.

ModSecurity in Dedicated Servers Hosting

All our dedicated servers that are set up with the Hepsia hosting CP feature ModSecurity, so any application which you upload or set up shall be protected from the very beginning and you'll not have to stress about common attacks or vulnerabilities. A separate section in Hepsia will allow you to start or stop the firewall for any domain or subdomain, or turn on a detection mode so that it records information regarding intrusions, but doesn't take actions to prevent them. What you shall see in the logs can easily help you to secure your Internet sites better - the IP an attack came from, what website was attacked and exactly how, what ModSecurity rule was triggered, etcetera. With this data, you'll be able to see whether a site needs an update, if you ought to block IPs from accessing your hosting server, etcetera. Aside from the third-party commercial security rules for ModSecurity which we use, our administrators include custom ones as well if they find a new threat that is not yet included in the commercial bundle.