ModSecurity is a potent web application layer firewall for Apache web servers. It monitors the entire HTTP traffic to a website without affecting its performance and in case it detects an intrusion attempt, it prevents it. The firewall furthermore keeps a more thorough log for the website visitors than any server does, so you will be able to keep track of what is happening with your sites better than if you rely only on conventional logs. ModSecurity employs security rules based on which it stops attacks. For instance, it recognizes if somebody is attempting to log in to the administration area of a specific script multiple times or if a request is sent to execute a file with a particular command. In these cases these attempts trigger the corresponding rules and the firewall program hinders the attempts right away, after that records in-depth information about them in its logs. ModSecurity is one of the very best software firewalls on the market and it can protect your web applications against a huge number of threats and vulnerabilities, especially in case you don’t update them or their plugins regularly.

ModSecurity in Cloud Hosting

ModSecurity comes by default with all cloud hosting plans that we offer and it shall be activated automatically for any domain or subdomain that you add/create within your Hepsia hosting CP. The firewall has 3 different modes, so you could switch on and deactivate it with simply a click or set it to detection mode, so it will maintain a log of all attacks, but it will not do anything to stop them. The log for any of your websites shall include comprehensive info including the nature of the attack, where it came from, what action was taken by ModSecurity, etc. The firewall rules which we use are frequently updated and include both commercial ones which we get from a third-party security business and custom ones that our system admins add in the event that they detect a new kind of attacks. In this way, the sites which you host here shall be far more protected with no action expected on your end.

ModSecurity in Semi-dedicated Hosting

ModSecurity is part of our semi-dedicated hosting solutions and if you choose to host your Internet sites with us, there will not be anything special you'll have to do since the firewall is switched on by default for all domains and subdomains that you include through your hosting CP. If required, you could disable ModSecurity for a certain website or switch on the so-called detection mode in which case the firewall shall still operate and record data, but won't do anything to prevent potential attacks against your sites. Comprehensive logs shall be available within your Control Panel and you'll be able to see what type of attacks took place, what security rules were triggered and how the firewall handled the threats, what IP addresses the attacks originated from, and so forth. We use two kinds of rules on our servers - commercial ones from a business that operates in the field of web security, and custom ones that our admins sometimes include to respond to newly discovered threats on time.

ModSecurity in VPS Hosting

ModSecurity is pre-installed on all virtual private servers which are set up with the Hepsia hosting Control Panel, so your web applications will be secured from the instant your server is ready. The firewall is activated by default for any domain or subdomain on the VPS, but if required, you could deactivate it with a click via the corresponding section of Hepsia. You can also set it to work in detection mode, so it will keep a detailed log of any potential attacks without taking any action to prevent them. The logs are available in the very same section and offer details about the nature of the attack, what IP it originated from and what ModSecurity rule was triggered to stop it. For best security, we employ not simply commercial rules from a business working in the field of web security, but also custom ones our administrators include manually so as to react to new risks that are still not dealt with in the commercial rules.

ModSecurity in Dedicated Web Hosting

If you choose to host your Internet sites on a dedicated server with the Hepsia Control Panel, your web apps will be secured immediately because ModSecurity is available with all Hepsia-based solutions. You will be able to regulate the firewall with ease and if needed, you will be able to turn it off or switch on its passive mode when it'll only keep a log of what's happening without taking any action to prevent potential attacks. The logs which you will find in the exact same section of the CP are really detailed and include info about the attacker IP address, what site and file were attacked and in what ways, what rule the firewall used to stop the intrusion, etcetera. This info shall permit you to take measures and enhance the protection of your Internet sites even more. To be on the safe side, we employ not just commercial rules, but also custom-made ones that our admins add every time they recognize attacks which have not yet been included in the commercial pack.