ModSecurity is a highly effective web app layer firewall for Apache web servers. It monitors the entire HTTP traffic to a site without affecting its operation and if it discovers an intrusion attempt, it blocks it. The firewall additionally keeps a more thorough log for the site visitors than any web server does, so you will manage to keep track of what is happening with your sites much better than if you rely simply on standard logs. ModSecurity uses security rules based on which it stops attacks. For instance, it detects whether anyone is attempting to log in to the administrator area of a certain script a number of times or if a request is sent to execute a file with a certain command. In such instances these attempts set off the corresponding rules and the software hinders the attempts instantly, then records comprehensive information about them inside its logs. ModSecurity is amongst the most effective software firewalls out there and it can easily protect your web apps against many threats and vulnerabilities, especially in case you don’t update them or their plugins frequently.

ModSecurity in Shared Hosting

ModSecurity is available on all shared hosting machines, so when you choose to host your websites with our organization, they will be protected against an array of attacks. The firewall is enabled as standard for all domains and subdomains, so there will be nothing you will need to do on your end. You will be able to stop ModSecurity for any website if needed, or to activate a detection mode, so that all activity will be recorded, but the firewall will not take any real action. You'll be able to view detailed logs via your Hepsia Control Panel including the IP address where the attack came from, what the attacker wanted to do and how ModSecurity addressed the threat. Since we take the security of our clients' Internet sites very seriously, we use a selection of commercial rules which we take from one of the leading firms that maintain this type of rules. Our administrators also add custom rules to make certain that your Internet sites shall be resistant to as many threats as possible.

ModSecurity in Semi-dedicated Servers

Any web program that you install within your new semi-dedicated server account will be protected by ModSecurity as the firewall is provided with all our hosting plans and is turned on by default for any domain and subdomain you include or create using your Hepsia hosting Control Panel. You'll be able to manage ModSecurity via a dedicated area within Hepsia where not only could you activate or deactivate it completely, but you can also switch on a passive mode, so the firewall won't stop anything, but it will still keep an archive of possible attacks. This requires only a click and you'll be able to see the logs regardless if ModSecurity is in passive or active mode through the same section - what the attack was and where it came from, how it was addressed, and so on. The firewall uses two groups of rules on our web servers - a commercial one which we get from a third-party web security provider and a custom one which our admins update manually in order to respond to newly discovered threats as soon as possible.

ModSecurity in Dedicated Servers

When you decide to host your Internet sites on a dedicated server with the Hepsia CP, your web apps will be secured right away as ModSecurity is available with all Hepsia-based packages. You'll be able to control the firewall without difficulty and if needed, you will be able to turn it off or enable its passive mode when it shall only keep a log of what is happening without taking any action to stop possible attacks. The logs which you'll find inside the same section of the Control Panel are incredibly detailed and include data about the attacker IP, what website and file were attacked and in what way, what rule the firewall employed to stop the intrusion, and so forth. This data shall allow you to take measures and boost the security of your Internet sites even more. To be on the safe side, we employ not just commercial rules, but also custom-made ones that our administrators include whenever they identify attacks that have not yet been included inside the commercial pack.