ModSecurity is a highly effective web application layer firewall for Apache web servers. It monitors the entire HTTP traffic to a site without affecting its overall performance and when it detects an intrusion attempt, it prevents it. The firewall additionally maintains a more detailed log for the website visitors than any server does, so you will manage to keep track of what is happening with your websites much better than if you rely simply on conventional logs. ModSecurity works with security rules based on which it prevents attacks. For example, it identifies if someone is attempting to log in to the admin area of a particular script several times or if a request is sent to execute a file with a particular command. In these cases these attempts trigger the corresponding rules and the firewall program hinders the attempts instantly, and then records comprehensive info about them in its logs. ModSecurity is among the very best software firewalls on the market and it can protect your web apps against a huge number of threats and vulnerabilities, particularly in case you don’t update them or their plugins often.

ModSecurity in Shared Website Hosting

We offer ModSecurity with all shared website hosting packages, so your web apps shall be shielded from malicious attacks. The firewall is turned on as standard for all domains and subdomains, but in case you'd like, you will be able to stop it using the respective part of your Hepsia CP. You can also activate a detection mode, so ModSecurity will keep a log as intended, but won't take any action. The logs which you'll find inside Hepsia are quite detailed and offer info about the nature of any attack, when it occurred and from what IP, the firewall rule that was triggered, and so on. We employ a group of commercial rules that are often updated, but sometimes our administrators include custom rules as well so as to better protect the sites hosted on our servers.

ModSecurity in Semi-dedicated Servers

Any web app you install in your new semi-dedicated server account will be protected by ModSecurity since the firewall is provided with all our hosting solutions and is activated by default for any domain and subdomain you add or create via your Hepsia hosting CP. You shall be able to manage ModSecurity through a dedicated area inside Hepsia where not only can you activate or deactivate it completely, but you can also activate a passive mode, so the firewall shall not block anything, but it shall still keep an archive of potential attacks. This normally requires just a mouse click and you'll be able to see the logs no matter if ModSecurity is in passive or active mode through the same section - what the attack was and where it came from, how it was handled, and so forth. The firewall employs two sets of rules on our web servers - a commercial one which we get from a third-party web security company and a custom one that our administrators update personally as to respond to recently discovered risks as soon as possible.

ModSecurity in Dedicated Servers

When you choose to host your sites on a dedicated server with the Hepsia CP, your web apps will be protected immediately as ModSecurity is provided with all Hepsia-based solutions. You'll be able to regulate the firewall easily and if necessary, you shall be able to turn it off or enable its passive mode when it will only keep a log of what's going on without taking any action to stop possible attacks. The logs that you can find inside the same section of the CP are incredibly detailed and feature data about the attacker IP address, what website and file were attacked and in what way, what rule the firewall used to prevent the intrusion, and so forth. This info will enable you to take measures and boost the security of your Internet sites even more. To be on the safe side, we use not only commercial rules, but also custom-made ones that our staff include when they identify attacks which have not yet been included in the commercial pack.