ModSecurity is a potent web application layer firewall for Apache web servers. It monitors the entire HTTP traffic to a website without affecting its overall performance and when it identifies an intrusion attempt, it blocks it. The firewall also keeps a more thorough log for the traffic than any web server does, so you'll manage to keep track of what is going on with your sites a lot better than if you rely only on conventional logs. ModSecurity works with security rules based on which it prevents attacks. For example, it detects whether somebody is trying to log in to the admin area of a particular script multiple times or if a request is sent to execute a file with a certain command. In such situations these attempts set off the corresponding rules and the firewall software blocks the attempts instantly, after that records in-depth info about them within its logs. ModSecurity is among the very best software firewalls on the market and it could easily protect your web apps against many threats and vulnerabilities, especially if you don’t update them or their plugins regularly.

ModSecurity in Cloud Web Hosting

ModSecurity comes by default with all cloud web hosting plans that we supply and it will be switched on automatically for any domain or subdomain that you add/create within your Hepsia hosting CP. The firewall has three different modes, so you'll be able to activate and disable it with a click or set it to detection mode, so it'll keep a log of all attacks, but it'll not do anything to prevent them. The log for each of your sites will feature detailed information which includes the nature of the attack, where it came from, what action was taken by ModSecurity, and so forth. The firewall rules that we use are regularly updated and consist of both commercial ones which we get from a third-party security business and custom ones that our system admins include in the event that they detect a new kind of attacks. That way, the sites you host here shall be far more secure with no action expected on your end.

ModSecurity in Semi-dedicated Hosting

All semi-dedicated hosting packages that we offer come with ModSecurity and given that the firewall is switched on by default, any website you set up under a domain or a subdomain will be secured right away. An individual section in the Hepsia Control Panel which comes with the semi-dedicated accounts is devoted to ModSecurity and it will permit you to stop and start the firewall for any website or switch on a detection mode. With the last mentioned, ModSecurity won't take any action, but it'll still recognize possible attacks and shall keep all information in a log as if it were 100% active. The logs could be found within the very same section of the Control Panel and they include info about the IP where an attack came from, what its nature was, what rule ModSecurity applies to detect and stop it, and so on. The security rules we use on our servers are a mix of commercial ones from a security business and custom ones developed by our system administrators. Consequently, we offer increased security for your web apps as we can shield them from attacks before security firms release updates for brand new threats.

ModSecurity in VPS

ModSecurity is pre-installed on all virtual private servers that are offered with the Hepsia hosting CP, so your web applications shall be protected from the moment your server is in a position. The firewall is activated by default for any domain or subdomain on the Virtual Private Server, but if needed, you can disable it with a click of your mouse through the corresponding section of Hepsia. You may also set it to function in detection mode, so it will maintain a detailed log of any possible attacks without taking any action to prevent them. The logs can be found in the exact same section and provide details about the nature of the attack, what IP address it originated from and what ModSecurity rule was triggered to stop it. For maximum security, we employ not simply commercial rules from a company operating in the field of web security, but also custom ones that our administrators include personally in order to respond to new risks which are still not addressed in the commercial rules.

ModSecurity in Dedicated Hosting

When you choose to host your sites on a dedicated server with the Hepsia CP, your web applications will be protected right from the start since ModSecurity is provided with all Hepsia-based packages. You shall be able to control the firewall without difficulty and if necessary, you'll be able to turn it off or enable its passive mode when it'll only maintain a log of what is occurring without taking any action to prevent possible attacks. The logs that you will find inside the very same section of the CP are extremely detailed and feature details about the attacker IP address, what website and file were attacked and in what ways, what rule the firewall used to stop the intrusion, etc. This information shall allow you to take measures and boost the security of your Internet sites even more. To be on the safe side, we employ not only commercial rules, but also custom-made ones that our staff add whenever they identify attacks that haven't yet been included inside the commercial pack.