ModSecurity is a potent web app layer firewall for Apache web servers. It monitors the entire HTTP traffic to a website without affecting its performance and if it discovers an intrusion attempt, it blocks it. The firewall furthermore keeps a more thorough log for the traffic than any web server does, so you shall manage to keep track of what's going on with your websites much better than if you rely simply on conventional logs. ModSecurity works with security rules based on which it helps prevent attacks. For instance, it recognizes if anyone is attempting to log in to the administrator area of a specific script several times or if a request is sent to execute a file with a certain command. In such instances these attempts set off the corresponding rules and the firewall software blocks the attempts instantly, and then records comprehensive info about them within its logs. ModSecurity is one of the best software firewalls on the market and it could easily protect your web applications against thousands of threats and vulnerabilities, especially if you don’t update them or their plugins frequently.

ModSecurity in Shared Web Hosting

ModSecurity comes by default with all shared web hosting plans that we offer and it'll be switched on automatically for any domain or subdomain you add/create inside your Hepsia hosting CP. The firewall has 3 different modes, so you could activate and deactivate it with a click or set it to detection mode, so it'll maintain a log of all attacks, but it'll not do anything to prevent them. The log for any of your Internet sites will feature detailed information including the nature of the attack, where it originated from, what action was taken by ModSecurity, etcetera. The firewall rules that we use are regularly updated and consist of both commercial ones that we get from a third-party security business and custom ones that our system admins include in the event that they detect a new kind of attacks. In this way, the Internet sites that you host here will be a lot more secure without any action required on your end.

ModSecurity in Semi-dedicated Servers

Any web program you install inside your new semi-dedicated server account shall be protected by ModSecurity since the firewall is provided with all our hosting plans and is activated by default for any domain and subdomain which you include or create through your Hepsia hosting CP. You'll be able to manage ModSecurity through a dedicated area in Hepsia where not only could you activate or deactivate it fully, but you may also switch on a passive mode, so the firewall shall not stop anything, but it'll still keep an archive of possible attacks. This requires just a mouse click and you will be able to see the logs regardless if ModSecurity is in passive or active mode through the same section - what the attack was and where it originated from, how it was handled, and so on. The firewall uses 2 groups of rules on our web servers - a commercial one that we get from a third-party web security firm and a custom one which our administrators update manually in order to respond to recently discovered risks as fast as possible.

ModSecurity in VPS Servers

ModSecurity is provided with all Hepsia-based VPS servers which we offer and it'll be activated automatically for any new domain or subdomain you add on the machine. In this way, any web application you install shall be protected right away without doing anything manually on your end. The firewall may be managed via the section of the Control Panel that has the same name. This is the location whereyou could disable ModSecurity or activate its passive mode, so it won't take any action toward threats, but shall still keep a thorough log. The recorded info is available in the same area as well and you will be able to see what IPs any attacks originated from so that you can stop them, what the nature of the attempted attacks was and in accordance with what security rules ModSecurity responded. The rules we use on our servers are a combination between commercial ones we get from a security company and custom ones which are added by our administrators to maximize the protection of any web applications hosted on our end.

ModSecurity in Dedicated Servers

When you opt to host your websites on a dedicated server with the Hepsia CP, your web programs shall be protected right away as ModSecurity is available with all Hepsia-based packages. You shall be able to control the firewall without difficulty and if necessary, you'll be able to turn it off or switch on its passive mode when it will only keep a log of what's taking place without taking any action to prevent possible attacks. The logs which you can find in the same section of the CP are very detailed and feature data about the attacker IP address, what website and file were attacked and in what ways, what rule the firewall employed to stop the intrusion, and so forth. This info shall allow you to take measures and increase the security of your websites even more. To be on the safe side, we use not only commercial rules, but also custom-made ones which our admins include when they identify attacks which haven't yet been included in the commercial pack.