ModSecurity is a powerful web app layer firewall for Apache web servers. It monitors the whole HTTP traffic to a website without affecting its functionality and if it discovers an intrusion attempt, it blocks it. The firewall also maintains a more detailed log for the traffic than any web server does, so you will manage to monitor what's happening with your websites a lot better than if you rely simply on conventional logs. ModSecurity works with security rules based on which it prevents attacks. For instance, it recognizes whether somebody is trying to log in to the admin area of a given script a number of times or if a request is sent to execute a file with a certain command. In such cases these attempts set off the corresponding rules and the firewall program blocks the attempts immediately, and then records detailed details about them within its logs. ModSecurity is amongst the most effective software firewalls available and it can easily protect your web apps against thousands of threats and vulnerabilities, particularly if you don’t update them or their plugins often.

ModSecurity in Cloud Hosting

ModSecurity comes standard with all cloud hosting packages that we provide and it will be switched on automatically for any domain or subdomain which you add/create within your Hepsia hosting Control Panel. The firewall has 3 different modes, so you can activate and disable it with only a click or set it to detection mode, so it'll maintain a log of all attacks, but it shall not do anything to stop them. The log for each of your sites will contain comprehensive info such as the nature of the attack, where it originated from, what action was taken by ModSecurity, etc. The firewall rules we use are frequently updated and include both commercial ones which we get from a third-party security company and custom ones which our system administrators include in the event that they detect a new sort of attacks. This way, the websites you host here shall be a lot more protected without any action expected on your end.

ModSecurity in Semi-dedicated Hosting

All semi-dedicated hosting packages which we offer include ModSecurity and because the firewall is enabled by default, any site which you create under a domain or a subdomain shall be protected right from the start. An independent section within the Hepsia CP which comes with the semi-dedicated accounts is dedicated to ModSecurity and it'll allow you to start and stop the firewall for any website or enable a detection mode. With the latter, ModSecurity shall not take any action, but it shall still identify possible attacks and shall keep all data inside a log as if it were fully active. The logs could be found within the very same section of the CP and they offer info about the IP where an attack came from, what its nature was, what rule ModSecurity applies to detect and stop it, and so on. The security rules we employ on our machines are a mix between commercial ones from a security company and custom ones made by our system admins. As a result, we offer higher security for your web applications as we can shield them from attacks before security firms release updates for completely new threats.

ModSecurity in VPS Web Hosting

ModSecurity is included with all Hepsia-based virtual private servers that we offer and it will be turned on automatically for any new domain or subdomain you add on the hosting server. That way, any web application which you install shall be secured right from the start without doing anything by hand on your end. The firewall may be handled via the section of the Control Panel which has the same name. This is the area in whichyou could switch off ModSecurity or activate its passive mode, so it won't take any action toward threats, but will still keep a thorough log. The recorded information is available inside the same area as well and you'll be able to see what IPs any attacks originated from so that you can block them, what the nature of the attempted attacks was and in accordance with what security rules ModSecurity reacted. The rules which we employ on our servers are a blend between commercial ones which we get from a security company and custom ones that are included by our administrators to optimize the protection of any web applications hosted on our end.

ModSecurity in Dedicated Servers Hosting

All of our dedicated servers that are installed with the Hepsia hosting Control Panel include ModSecurity, so any app that you upload or set up shall be secured from the very beginning and you won't need to stress about common attacks or vulnerabilities. An individual section within Hepsia will allow you to start or stop the firewall for each domain or subdomain, or switch on a detection mode so that it records information about intrusions, but doesn't take actions to stop them. What you shall discover in the logs can easily allow you to to secure your Internet sites better - the IP address an attack came from, what website was attacked and in what way, what ModSecurity rule was triggered, etc. With this info, you could see if a website needs an update, if you should block IPs from accessing your hosting server, etcetera. In addition to the third-party commercial security rules for ModSecurity that we use, our admins add custom ones as well if they find a new threat which is not yet in the commercial bundle.