ModSecurity is a powerful web app layer firewall for Apache web servers. It monitors the whole HTTP traffic to a website without affecting its functionality and in case it discovers an intrusion attempt, it blocks it. The firewall furthermore maintains a more comprehensive log for the traffic than any web server does, so you'll manage to monitor what's happening with your Internet sites better than if you rely merely on conventional logs. ModSecurity employs security rules based on which it stops attacks. For example, it identifies whether somebody is trying to log in to the administrator area of a particular script multiple times or if a request is sent to execute a file with a particular command. In these situations these attempts trigger the corresponding rules and the firewall hinders the attempts right away, after that records comprehensive information about them inside its logs. ModSecurity is one of the most effective software firewalls out there and it can protect your web apps against many threats and vulnerabilities, particularly if you don’t update them or their plugins often.

ModSecurity in Shared Web Hosting

ModSecurity is provided with all shared web hosting web servers, so when you choose to host your websites with our business, they'll be protected against a wide range of attacks. The firewall is enabled as standard for all domains and subdomains, so there shall be nothing you'll need to do on your end. You'll be able to stop ModSecurity for any site if required, or to enable a detection mode, so that all activity shall be recorded, but the firewall will not take any real action. You will be able to view specific logs via your Hepsia Control Panel including the IP address where the attack came from, what the attacker planned to do and how ModSecurity handled the threat. As we take the protection of our clients' Internet sites seriously, we use a set of commercial rules which we take from one of the top companies that maintain such rules. Our admins also include custom rules to make certain that your websites will be resistant to as many risks as possible.

ModSecurity in Semi-dedicated Hosting

ModSecurity is part of our semi-dedicated hosting packages and if you decide to host your sites with our company, there won't be anything special you'll need to do since the firewall is activated by default for all domains and subdomains you include via your hosting CP. If necessary, you can disable ModSecurity for a given site or activate the so-called detection mode in which case the firewall shall still function and record info, but will not do anything to stop possible attacks against your Internet sites. In depth logs will be accessible within your CP and you'll be able to see which kind of attacks happened, what security rules were triggered and how the firewall addressed the threats, what IP addresses the attacks originated from, etcetera. We employ 2 kinds of rules on our servers - commercial ones from a company that operates in the field of web security, and custom made ones that our admins often include to respond to newly found risks promptly.

ModSecurity in VPS Web Hosting

ModSecurity is pre-installed on all virtual private servers that are set up with the Hepsia hosting Control Panel, so your web apps shall be secured from the moment your server is in a position. The firewall is switched on by default for any domain or subdomain on the VPS, but if required, you can disable it with a click of your mouse through the corresponding section of Hepsia. You could also set it to function in detection mode, so it shall maintain a comprehensive log of any potential attacks without taking any action to stop them. The logs can be found in the same section and offer information about the nature of the attack, what IP it originated from and what ModSecurity rule was initiated to stop it. For optimum security, we use not only commercial rules from a business operating in the field of web security, but also custom ones which our administrators include manually in order to react to new threats which are still not dealt with in the commercial rules.

ModSecurity in Dedicated Servers Hosting

When you choose to host your Internet sites on a dedicated server with the Hepsia Control Panel, your web applications shall be secured right from the start as ModSecurity is provided with all Hepsia-based plans. You shall be able to regulate the firewall effortlessly and if required, you shall be able to turn it off or switch on its passive mode when it shall only keep a log of what is taking place without taking any action to stop potential attacks. The logs that you will find within the exact same section of the CP are very detailed and contain information about the attacker IP, what site and file were attacked and in what way, what rule the firewall used to stop the intrusion, etc. This data will allow you to take measures and enhance the protection of your Internet sites even more. To be on the safe side, we employ not just commercial rules, but also custom-made ones that our administrators add whenever they identify attacks which have not yet been included within the commercial pack.