ModSecurity is a highly effective web app layer firewall for Apache web servers. It monitors the whole HTTP traffic to a website without affecting its operation and if it identifies an intrusion attempt, it blocks it. The firewall furthermore maintains a more thorough log for the website visitors than any web server does, so you shall manage to keep track of what is happening with your sites a lot better than if you rely merely on conventional logs. ModSecurity uses security rules based on which it stops attacks. For example, it identifies whether anyone is attempting to log in to the admin area of a given script a number of times or if a request is sent to execute a file with a particular command. In these cases these attempts set off the corresponding rules and the software hinders the attempts immediately, after that records detailed information about them inside its logs. ModSecurity is amongst the most effective software firewalls out there and it can easily protect your web applications against thousands of threats and vulnerabilities, especially if you don’t update them or their plugins often.

ModSecurity in Shared Hosting

ModSecurity is available on all shared hosting servers, so when you choose to host your websites with our company, they'll be protected against an array of attacks. The firewall is turned on by default for all domains and subdomains, so there shall be nothing you'll have to do on your end. You'll be able to stop ModSecurity for any website if needed, or to enable a detection mode, so that all activity shall be recorded, but the firewall won't take any real action. You shall be able to view specific logs through your Hepsia Control Panel including the IP address where the attack came from, what the attacker wanted to do and how ModSecurity dealt with the threat. As we take the safety of our customers' websites very seriously, we employ a group of commercial rules which we take from one of the top firms that maintain this sort of rules. Our administrators also include custom rules to ensure that your Internet sites will be protected against as many threats as possible.

ModSecurity in Semi-dedicated Hosting

Any web app which you install within your new semi-dedicated hosting account will be protected by ModSecurity as the firewall is provided with all our hosting packages and is turned on by default for any domain and subdomain that you include or create through your Hepsia hosting CP. You shall be able to manage ModSecurity via a dedicated section within Hepsia where not only could you activate or deactivate it entirely, but you could also switch on a passive mode, so the firewall will not stop anything, but it will still keep an archive of possible attacks. This takes simply a click and you shall be able to view the logs no matter if ModSecurity is in passive or active mode through the same section - what the attack was and where it originated from, how it was handled, etcetera. The firewall employs two sets of rules on our machines - a commercial one that we get from a third-party web security company and a custom one which our admins update personally in order to respond to recently discovered threats as fast as possible.

ModSecurity in VPS Web Hosting

ModSecurity is pre-installed on all virtual private servers that are offered with the Hepsia hosting Control Panel, so your web programs will be protected from the moment your server is in a position. The firewall is turned on by default for any domain or subdomain on the Virtual Private Server, but if required, you can deactivate it with a click via the corresponding section of Hepsia. You could also set it to operate in detection mode, so it shall maintain an extensive log of any possible attacks without taking any action to stop them. The logs are available in the exact same section and provide details about the nature of the attack, what IP address it originated from and what ModSecurity rule was initiated to stop it. For maximum security, we employ not just commercial rules from a business operating in the field of web security, but also custom ones that our administrators include personally so as to react to new risks that are still not addressed in the commercial rules.

ModSecurity in Dedicated Servers Hosting

ModSecurity is provided with all dedicated servers which are set up with our Hepsia Control Panel and you won't need to do anything specific on your end to employ it as it's activated by default every time you include a new domain or subdomain on your hosting server. In case it interferes with some of your apps, you shall be able to stop it via the respective area of Hepsia, or you can leave it operating in passive mode, so it will detect attacks and will still keep a log for them, but will not stop them. You may analyze the logs later to learn what you can do to enhance the safety of your sites since you shall find info such as where an intrusion attempt came from, what Internet site was attacked and based on what rule ModSecurity responded, and so forth. The rules which we use are commercial, thus they're frequently updated by a security provider, but to be on the safe side, our admins also include custom rules from time to time as to respond to any new threats they have found.