ModSecurity is a potent web application layer firewall for Apache web servers. It monitors the whole HTTP traffic to a website without affecting its performance and in case it identifies an intrusion attempt, it prevents it. The firewall furthermore maintains a more detailed log for the website visitors than any server does, so you will manage to monitor what is going on with your websites much better than if you rely merely on conventional logs. ModSecurity uses security rules based on which it stops attacks. For example, it recognizes whether somebody is attempting to log in to the administration area of a specific script several times or if a request is sent to execute a file with a specific command. In such cases these attempts set off the corresponding rules and the firewall blocks the attempts in real time, after that records comprehensive information about them inside its logs. ModSecurity is among the best software firewalls available and it can protect your web applications against many threats and vulnerabilities, especially in case you don’t update them or their plugins regularly.

ModSecurity in Website Hosting

ModSecurity is offered with each and every website hosting plan which we offer and it's switched on by default for any domain or subdomain which you include via your Hepsia Control Panel. In case it interferes with any of your programs or you'd like to disable it for some reason, you will be able to do that through the ModSecurity section of Hepsia with just a click. You may also use a passive mode, so the firewall will detect potential attacks and keep a log, but will not take any action. You can view extensive logs in the exact same section, including the IP address where the attack came from, what exactly the attacker aimed to do and at what time, what ModSecurity did, etcetera. For max safety of our clients we use a group of commercial firewall rules blended with custom ones that are included by our system admins.

ModSecurity in Semi-dedicated Hosting

All semi-dedicated hosting plans that we offer include ModSecurity and given that the firewall is turned on by default, any Internet site you create under a domain or a subdomain will be secured immediately. A separate section inside the Hepsia Control Panel which comes with the semi-dedicated accounts is dedicated to ModSecurity and it will permit you to stop and start the firewall for any site or enable a detection mode. With the latter, ModSecurity won't take any action, but it'll still identify possible attacks and will keep all info within a log as if it were fully active. The logs can be found within the very same section of the Control Panel and they include specifics about the IP where an attack originated from, what its nature was, what rule ModSecurity applies to recognize and stop it, etcetera. The security rules we use on our web servers are a mix of commercial ones from a security firm and custom ones made by our system administrators. For that reason, we provide increased security for your web programs as we can shield them from attacks before security companies release updates for new threats.

ModSecurity in VPS Web Hosting

ModSecurity is included with all Hepsia-based virtual private servers that we offer and it shall be switched on automatically for any new domain or subdomain which you include on the machine. This way, any web app which you install will be secured immediately without doing anything manually on your end. The firewall may be managed via the section of the CP which has the same name. This is the area whereyou can switch off ModSecurity or let its passive mode, so it shall not take any action toward threats, but shall still maintain a thorough log. The recorded info is available in the same area as well and you'll be able to see what IPs any attacks originated from so that you block them, what the nature of the attempted attacks was and based on what security rules ModSecurity responded. The rules which we use on our servers are a mix between commercial ones which we get from a security company and custom ones which are included by our administrators to enhance the security of any web applications hosted on our end.

ModSecurity in Dedicated Servers Hosting

ModSecurity comes with all dedicated servers which are integrated with our Hepsia Control Panel and you'll not need to do anything specific on your end to employ it as it is turned on by default every time you include a new domain or subdomain on your server. In the event that it disrupts some of your programs, you will be able to stop it via the respective part of Hepsia, or you could leave it working in passive mode, so it will identify attacks and shall still maintain a log for them, but won't prevent them. You could examine the logs later to learn what you can do to enhance the safety of your websites as you shall find information such as where an intrusion attempt originated from, what site was attacked and based upon what rule ModSecurity responded, etcetera. The rules that we employ are commercial, thus they're frequently updated by a security firm, but to be on the safe side, our administrators also add custom rules from time to time in order to deal with any new threats they have discovered.