ModSecurity is a potent web app layer firewall for Apache web servers. It monitors the entire HTTP traffic to an Internet site without affecting its operation and if it discovers an intrusion attempt, it blocks it. The firewall also keeps a more detailed log for the traffic than any web server does, so you shall manage to monitor what is happening with your sites a lot better than if you rely simply on conventional logs. ModSecurity works with security rules based on which it helps prevent attacks. For example, it recognizes if someone is trying to log in to the administrator area of a certain script several times or if a request is sent to execute a file with a particular command. In these circumstances these attempts set off the corresponding rules and the software hinders the attempts in real time, then records detailed info about them in its logs. ModSecurity is one of the very best software firewalls available and it can protect your web applications against a large number of threats and vulnerabilities, especially in case you don’t update them or their plugins regularly.

ModSecurity in Shared Hosting

We offer ModSecurity with all shared hosting solutions, so your Internet apps shall be shielded from harmful attacks. The firewall is turned on by default for all domains and subdomains, but in case you'd like, you shall be able to stop it using the respective area of your Hepsia CP. You can also switch on a detection mode, so ModSecurity will keep a log as intended, but shall not take any action. The logs which you will find in Hepsia are very detailed and include data about the nature of any attack, when it occurred and from what IP address, the firewall rule that was triggered, and so on. We use a set of commercial rules that are frequently updated, but sometimes our admins add custom rules as well in order to better protect the Internet sites hosted on our machines.

ModSecurity in Semi-dedicated Hosting

All semi-dedicated hosting plans that we offer feature ModSecurity and because the firewall is switched on by default, any site which you create under a domain or a subdomain will be secured immediately. An individual section within the Hepsia CP that comes with the semi-dedicated accounts is dedicated to ModSecurity and it will allow you to stop and start the firewall for any site or enable a detection mode. With the last mentioned, ModSecurity shall not take any action, but it shall still recognize possible attacks and will keep all information inside a log as if it were 100% active. The logs could be found within the exact same section of the Control Panel and they include details about the IP where an attack originated from, what its nature was, what rule ModSecurity applies to detect and stop it, and so forth. The security rules we use on our servers are a mix between commercial ones from a security company and custom ones made by our system admins. For that reason, we offer greater security for your web applications as we can shield them from attacks before security businesses release updates for brand new threats.

ModSecurity in VPS Hosting

Security is of the utmost importance to us, so we install ModSecurity on all virtual private servers which are made available with the Hepsia Control Panel as a standard. The firewall can be managed through a dedicated section in Hepsia and is activated automatically when you include a new domain or create a subdomain, so you'll not need to do anything personally. You will also be able to disable it or turn on the so-called detection mode, so it'll keep a log of potential attacks you can later study, but will not block them. The logs in both passive and active modes contain details about the form of the attack and how it was prevented, what IP address it came from and other valuable information which may help you to tighten the security of your sites by updating them or blocking IPs, as an example. On top of the commercial rules which we get for ModSecurity from a third-party security firm, we also use our own rules as from time to time we discover specific attacks which aren't yet present within the commercial pack. This way, we could increase the protection of your Virtual private server promptly rather than waiting for an official update.

ModSecurity in Dedicated Web Hosting

When you choose to host your websites on a dedicated server with the Hepsia CP, your web applications will be protected straight away as ModSecurity is available with all Hepsia-based packages. You shall be able to control the firewall easily and if needed, you will be able to turn it off or switch on its passive mode when it'll only maintain a log of what is going on without taking any action to stop possible attacks. The logs that you'll find inside the exact same section of the CP are very detailed and feature information about the attacker IP address, what site and file were attacked and in what way, what rule the firewall used to stop the intrusion, and so forth. This data will allow you to take measures and enhance the security of your websites even more. To be on the safe side, we use not only commercial rules, but also custom-made ones that our staff include every time they detect attacks which have not yet been included in the commercial pack.