ModSecurity is a highly effective web application layer firewall for Apache web servers. It monitors the whole HTTP traffic to a site without affecting its operation and in case it discovers an intrusion attempt, it blocks it. The firewall also keeps a more detailed log for the traffic than any server does, so you'll be able to monitor what's going on with your Internet sites much better than if you rely simply on standard logs. ModSecurity employs security rules based on which it helps prevent attacks. For instance, it detects if someone is attempting to log in to the administrator area of a certain script several times or if a request is sent to execute a file with a certain command. In such instances these attempts set off the corresponding rules and the software blocks the attempts right away, after that records comprehensive info about them within its logs. ModSecurity is among the very best software firewalls available and it can protect your web applications against thousands of threats and vulnerabilities, particularly if you don’t update them or their plugins regularly.

ModSecurity in Cloud Web Hosting

ModSecurity comes by default with all cloud web hosting solutions which we provide and it'll be activated automatically for any domain or subdomain you add/create in your Hepsia hosting Control Panel. The firewall has three different modes, so you'll be able to switch on and deactivate it with a mouse click or set it to detection mode, so it shall maintain a log of all attacks, but it shall not do anything to prevent them. The log for each of your sites shall contain in-depth info which includes the nature of the attack, where it came from, what action was taken by ModSecurity, and so forth. The firewall rules we use are frequently updated and consist of both commercial ones which we get from a third-party security firm and custom ones our system administrators add in the event that they detect a new kind of attacks. This way, the sites you host here will be far more protected without any action expected on your end.

ModSecurity in Semi-dedicated Hosting

All semi-dedicated hosting packages that we offer feature ModSecurity and because the firewall is enabled by default, any website which you build under a domain or a subdomain will be secured immediately. An independent section within the Hepsia Control Panel which comes with the semi-dedicated accounts is dedicated to ModSecurity and it'll permit you to start and stop the firewall for any Internet site or switch on a detection mode. With the last option, ModSecurity won't take any action, but it will still detect possible attacks and shall keep all information inside a log as if it were fully active. The logs can be found in the very same section of the CP and they feature details about the IP where an attack originated from, what its nature was, what rule ModSecurity applies to detect and stop it, etc. The security rules that we employ on our servers are a mix between commercial ones from a security business and custom ones made by our system admins. For that reason, we provide greater security for your web programs as we can protect them from attacks before security corporations release updates for completely new threats.

ModSecurity in VPS Web Hosting

ModSecurity is included with all Hepsia-based virtual private servers we offer and it shall be activated automatically for any new domain or subdomain that you add on the hosting server. That way, any web application which you install shall be secured immediately without doing anything manually on your end. The firewall may be managed from the section of the Control Panel which bears the same name. This is the location in whichyou'll be able to turn off ModSecurity or enable its passive mode, so it will not take any action towards threats, but shall still maintain a thorough log. The recorded info is available inside the same area as well and you shall be able to see what IPs any attacks originated from so that you block them, what the nature of the attempted attacks was and based on what security rules ModSecurity responded. The rules which we employ on our servers are a mix between commercial ones that we get from a security firm and custom ones that are included by our administrators to improve the security of any web applications hosted on our end.

ModSecurity in Dedicated Servers Hosting

ModSecurity is provided with all dedicated servers which are set up with our Hepsia Control Panel and you'll not have to do anything specific on your end to use it since it is enabled by default whenever you add a new domain or subdomain on your server. In case it disrupts some of your programs, you shall be able to stop it via the respective section of Hepsia, or you can leave it working in passive mode, so it shall detect attacks and shall still maintain a log for them, but won't prevent them. You'll be able to examine the logs later to determine what you can do to increase the protection of your sites as you will find details such as where an intrusion attempt came from, what Internet site was attacked and in accordance with what rule ModSecurity responded, and so on. The rules that we use are commercial, hence they're frequently updated by a security provider, but to be on the safe side, our administrators also include custom rules from time to time in order to deal with any new threats they have found.