ModSecurity is a powerful web application layer firewall for Apache web servers. It monitors the whole HTTP traffic to a site without affecting its functionality and if it discovers an intrusion attempt, it blocks it. The firewall furthermore keeps a more detailed log for the traffic than any web server does, so you shall be able to keep track of what is happening with your sites a lot better than if you rely only on conventional logs. ModSecurity works with security rules based on which it prevents attacks. For example, it recognizes if anyone is attempting to log in to the admin area of a certain script multiple times or if a request is sent to execute a file with a particular command. In these instances these attempts set off the corresponding rules and the firewall blocks the attempts right away, after that records detailed details about them inside its logs. ModSecurity is among the most effective software firewalls on the market and it can protect your web applications against many threats and vulnerabilities, especially in case you don’t update them or their plugins frequently.

ModSecurity in Website Hosting

We provide ModSecurity with all website hosting packages, so your Internet applications will be resistant to harmful attacks. The firewall is switched on by default for all domains and subdomains, but if you would like, you'll be able to stop it via the respective area of your Hepsia Control Panel. You can also switch on a detection mode, so ModSecurity shall keep a log as intended, but will not take any action. The logs that you shall discover in Hepsia are quite detailed and feature data about the nature of any attack, when it occurred and from what IP, the firewall rule that was triggered, and so forth. We employ a group of commercial rules that are regularly updated, but sometimes our admins add custom rules as well so as to better protect the sites hosted on our servers.

ModSecurity in Semi-dedicated Hosting

We have incorporated ModSecurity by default within all semi-dedicated hosting plans, so your web applications shall be protected whenever you install them under any domain or subdomain. The Hepsia CP that comes with the semi-dedicated accounts will permit you to enable or disable the firewall for any site with a mouse click. You will also have the ability to activate a passive detection mode in which ModSecurity will keep a log of possible attacks without actually stopping them. The detailed logs include things like the nature of the attack and what ModSecurity response this attack activated, where it originated from, etc. The list of rules which we employ is constantly updated in order to match any new risks that might appear on the Internet and it includes both commercial rules that we get from a security business and custom-written ones that our administrators include in the event that they find a threat that is not present within the commercial list yet.

ModSecurity in VPS Hosting

ModSecurity comes with all Hepsia-based virtual private servers which we offer and it'll be switched on automatically for any new domain or subdomain that you add on the server. That way, any web application which you install shall be protected from the very beginning without doing anything personally on your end. The firewall can be managed through the section of the Control Panel that has the same name. This is the place in whichyou can switch off ModSecurity or enable its passive mode, so it will not take any action towards threats, but will still keep a comprehensive log. The recorded data is available in the same section as well and you will be able to see what IPs any attacks came from so that you can block them, what the nature of the attempted attacks was and based upon what security rules ModSecurity responded. The rules that we use on our servers are a blend between commercial ones which we get from a security company and custom ones which are included by our administrators to improve the protection of any web applications hosted on our end.

ModSecurity in Dedicated Web Hosting

All of our dedicated servers that are set up with the Hepsia hosting Control Panel include ModSecurity, so any program that you upload or set up shall be protected from the very beginning and you will not need to stress about common attacks or vulnerabilities. An individual section in Hepsia will permit you to start or stop the firewall for every domain or subdomain, or activate a detection mode so that it records details about intrusions, but doesn't take actions to stop them. What you will see in the logs shall enable you to to secure your Internet sites better - the IP an attack came from, what site was attacked and exactly how, what ModSecurity rule was triggered, and so forth. With this info, you'll be able to see if a website needs an update, if you need to block IPs from accessing your web server, and so on. Aside from the third-party commercial security rules for ModSecurity which we use, our admins add custom ones too whenever they find a new threat that is not yet in the commercial bundle.