ModSecurity is a potent web application layer firewall for Apache web servers. It monitors the entire HTTP traffic to an Internet site without affecting its operation and in case it discovers an intrusion attempt, it prevents it. The firewall furthermore keeps a more thorough log for the website visitors than any web server does, so you'll manage to monitor what's going on with your sites much better than if you rely only on standard logs. ModSecurity uses security rules based on which it stops attacks. For instance, it recognizes if somebody is trying to log in to the admin area of a particular script multiple times or if a request is sent to execute a file with a certain command. In such instances these attempts trigger the corresponding rules and the firewall blocks the attempts instantly, and then records in-depth info about them within its logs. ModSecurity is one of the best software firewalls on the market and it can protect your web apps against many threats and vulnerabilities, particularly if you don’t update them or their plugins frequently.

ModSecurity in Cloud Hosting

ModSecurity is supplied with all cloud hosting web servers, so if you decide to host your Internet sites with our company, they'll be shielded from a wide array of attacks. The firewall is turned on as standard for all domains and subdomains, so there will be nothing you'll have to do on your end. You will be able to stop ModSecurity for any site if required, or to activate a detection mode, so all activity shall be recorded, but the firewall shall not take any real action. You shall be able to view comprehensive logs from your Hepsia CP including the IP address where the attack originated from, what the attacker wanted to do and how ModSecurity dealt with the threat. As we take the protection of our customers' Internet sites very seriously, we employ a set of commercial rules which we get from one of the best firms that maintain this type of rules. Our administrators also add custom rules to ensure that your websites shall be resistant to as many threats as possible.

ModSecurity in Semi-dedicated Hosting

ModSecurity is a part of our semi-dedicated hosting plans and if you opt to host your sites with our company, there shall not be anything special you'll need to do given that the firewall is switched on by default for all domains and subdomains which you add using your hosting CP. If needed, you could disable ModSecurity for a certain website or enable the so-called detection mode in which case the firewall will still operate and record info, but shall not do anything to stop possible attacks against your sites. Detailed logs shall be accessible inside your Control Panel and you'll be able to see which kind of attacks took place, what security rules were triggered and how the firewall addressed the threats, what Internet protocol addresses the attacks came from, etcetera. We use two types of rules on our servers - commercial ones from a firm which operates in the field of web security, and customized ones which our administrators occasionally include to respond to newly discovered threats on time.

ModSecurity in VPS Hosting

Protection is extremely important to us, so we install ModSecurity on all virtual private servers that are set up with the Hepsia Control Panel as a standard. The firewall could be managed via a dedicated section in Hepsia and is switched on automatically when you include a new domain or create a subdomain, so you'll not need to do anything by hand. You shall also be able to deactivate it or turn on the so-called detection mode, so it will keep a log of possible attacks which you can later analyze, but won't prevent them. The logs in both passive and active modes contain information regarding the form of the attack and how it was stopped, what IP address it came from and other useful info which could help you to tighten the security of your sites by updating them or blocking IPs, for instance. On top of the commercial rules which we get for ModSecurity from a third-party security enterprise, we also use our own rules since from time to time we discover specific attacks that aren't yet present within the commercial package. That way, we can improve the security of your Virtual private server immediately instead of waiting for an official update.

ModSecurity in Dedicated Web Hosting

When you opt to host your sites on a dedicated server with the Hepsia Control Panel, your web applications shall be secured immediately as ModSecurity is available with all Hepsia-based plans. You will be able to control the firewall effortlessly and if needed, you shall be able to turn it off or switch on its passive mode when it will only maintain a log of what's going on without taking any action to stop potential attacks. The logs that you will find in the very same section of the Control Panel are quite detailed and include details about the attacker IP, what website and file were attacked and in what way, what rule the firewall employed to prevent the intrusion, and so on. This info shall allow you to take measures and enhance the security of your Internet sites even more. To be on the safe side, we employ not just commercial rules, but also custom-made ones that our administrators add every time they detect attacks which have not yet been included in the commercial pack.