ModSecurity is a potent web application layer firewall for Apache web servers. It monitors the entire HTTP traffic to a website without affecting its performance and if it identifies an intrusion attempt, it prevents it. The firewall furthermore keeps a more thorough log for the traffic than any web server does, so you'll be able to monitor what's going on with your Internet sites a lot better than if you rely only on standard logs. ModSecurity employs security rules based on which it stops attacks. For example, it recognizes whether anyone is attempting to log in to the admin area of a given script several times or if a request is sent to execute a file with a particular command. In these situations these attempts trigger the corresponding rules and the firewall blocks the attempts instantly, after that records in-depth info about them inside its logs. ModSecurity is one of the best software firewalls on the market and it can easily protect your web applications against a large number of threats and vulnerabilities, particularly in case you don’t update them or their plugins regularly.

ModSecurity in Cloud Hosting

We offer ModSecurity with all cloud hosting solutions, so your Internet applications shall be shielded from destructive attacks. The firewall is turned on as standard for all domains and subdomains, but if you would like, you'll be able to stop it through the respective section of your Hepsia Control Panel. You can also activate a detection mode, so ModSecurity shall keep a log as intended, but won't take any action. The logs that you'll find within Hepsia are incredibly detailed and offer data about the nature of any attack, when it took place and from what IP address, the firewall rule that was triggered, and so forth. We employ a group of commercial rules that are constantly updated, but sometimes our administrators add custom rules as well in order to efficiently protect the websites hosted on our machines.

ModSecurity in Semi-dedicated Hosting

We have integrated ModSecurity by default in all semi-dedicated hosting plans, so your web apps will be protected whenever you set them up under any domain or subdomain. The Hepsia CP that is included with the semi-dedicated accounts will permit you to switch on or turn off the firewall for any site with a click. You'll also have the ability to switch on a passive detection mode with which ModSecurity shall maintain a log of potential attacks without really preventing them. The comprehensive logs include the nature of the attack and what ModSecurity response this attack initiated, where it came from, etc. The list of rules which we employ is regularly updated in order to match any new threats which may appear on the Internet and it comes with both commercial rules that we get from a security firm and custom-written ones that our admins include if they find a threat that's not present in the commercial list yet.

ModSecurity in VPS

ModSecurity is pre-installed on all virtual private servers that are offered with the Hepsia hosting CP, so your web applications shall be secured from the moment your server is in a position. The firewall is activated by default for any domain or subdomain on the Virtual Private Server, but if needed, you can deactivate it with a mouse click from the corresponding section of Hepsia. You may also set it to operate in detection mode, so it shall maintain a comprehensive log of any possible attacks without taking any action to prevent them. The logs can be found within the same section and offer details about the nature of the attack, what IP address it came from and what ModSecurity rule was activated to stop it. For maximum security, we employ not just commercial rules from a company operating in the field of web security, but also custom ones our admins include personally so as to react to new risks that are still not addressed in the commercial rules.

ModSecurity in Dedicated Hosting

If you decide to host your Internet sites on a dedicated server with the Hepsia CP, your web apps shall be protected straight away since ModSecurity is provided with all Hepsia-based packages. You shall be able to regulate the firewall effortlessly and if required, you shall be able to turn it off or enable its passive mode when it will only maintain a log of what is happening without taking any action to stop possible attacks. The logs that you will find within the very same section of the Control Panel are quite detailed and feature info about the attacker IP address, what site and file were attacked and in what way, what rule the firewall employed to prevent the intrusion, etcetera. This data will enable you to take measures and boost the security of your websites even more. To be on the safe side, we use not only commercial rules, but also custom-made ones that our administrators include whenever they recognize attacks that haven't yet been included inside the commercial pack.