ModSecurity is a potent web app layer firewall for Apache web servers. It monitors the whole HTTP traffic to a site without affecting its overall performance and when it discovers an intrusion attempt, it prevents it. The firewall furthermore keeps a more comprehensive log for the site visitors than any web server does, so you'll manage to keep track of what is happening with your websites better than if you rely simply on standard logs. ModSecurity works with security rules based on which it stops attacks. For instance, it detects whether someone is trying to log in to the admin area of a certain script a number of times or if a request is sent to execute a file with a specific command. In such situations these attempts trigger the corresponding rules and the firewall program hinders the attempts instantly, after that records in-depth info about them in its logs. ModSecurity is one of the best software firewalls available and it can protect your web applications against a huge number of threats and vulnerabilities, particularly if you don’t update them or their plugins often.

ModSecurity in Cloud Website Hosting

ModSecurity comes by default with all cloud website hosting packages which we offer and it shall be switched on automatically for any domain or subdomain that you add/create within your Hepsia hosting Control Panel. The firewall has three different modes, so you'll be able to switch on and disable it with a click or set it to detection mode, so it will maintain a log of all attacks, but it will not do anything to stop them. The log for each of your sites shall contain in-depth info such as the nature of the attack, where it came from, what action was taken by ModSecurity, and so on. The firewall rules that we use are regularly updated and consist of both commercial ones that we get from a third-party security business and custom ones which our system administrators add in the event that they detect a new kind of attacks. In this way, the websites you host here shall be way more protected with no action needed on your end.

ModSecurity in Semi-dedicated Hosting

All semi-dedicated hosting solutions that we offer come with ModSecurity and since the firewall is turned on by default, any site that you create under a domain or a subdomain will be protected right away. An independent section within the Hepsia CP which comes with the semi-dedicated accounts is devoted to ModSecurity and it shall permit you to stop and start the firewall for any Internet site or activate a detection mode. With the last option, ModSecurity will not take any action, but it'll still identify possible attacks and shall keep all info within a log as if it were completely active. The logs could be found within the exact same section of the CP and they feature info about the IP where an attack originated from, what its nature was, what rule ModSecurity applies to detect and stop it, and so forth. The security rules we use on our web servers are a mix between commercial ones from a security company and custom ones created by our system admins. As a result, we offer increased security for your web apps as we can defend them from attacks before security companies release updates for new threats.

ModSecurity in VPS Web Hosting

ModSecurity comes with all Hepsia-based virtual private servers that we offer and it'll be activated automatically for every new domain or subdomain that you include on the web server. This way, any web application that you install will be secured from the very beginning without doing anything personally on your end. The firewall can be handled via the section of the Control Panel that bears the same name. This is the place in whichyou could turn off ModSecurity or activate its passive mode, so it won't take any action toward threats, but shall still keep a comprehensive log. The recorded info is available within the same section as well and you'll be able to see what IPs any attacks originated from to enable you to block them, what the nature of the attempted attacks was and in accordance with what security rules ModSecurity responded. The rules that we employ on our servers are a mixture between commercial ones which we get from a security organization and custom ones which are added by our administrators to optimize the security of any web applications hosted on our end.

ModSecurity in Dedicated Servers Hosting

ModSecurity comes with all dedicated servers that are set up with our Hepsia Control Panel and you will not have to do anything specific on your end to employ it as it's switched on by default each time you include a new domain or subdomain on your web server. In the event that it interferes with any of your programs, you will be able to stop it through the respective area of Hepsia, or you could leave it working in passive mode, so it'll recognize attacks and shall still keep a log for them, but will not prevent them. You could look at the logs later to learn what you can do to boost the security of your Internet sites since you'll find details such as where an intrusion attempt came from, what website was attacked and based upon what rule ModSecurity responded, and so on. The rules that we use are commercial, hence they are constantly updated by a security firm, but to be on the safe side, our admins also add custom rules occasionally in order to deal with any new threats they have found.