ModSecurity is a powerful web app layer firewall for Apache web servers. It monitors the whole HTTP traffic to a website without affecting its performance and when it discovers an intrusion attempt, it prevents it. The firewall also maintains a more thorough log for the website visitors than any web server does, so you'll be able to keep an eye on what's going on with your Internet sites better than if you rely only on conventional logs. ModSecurity works with security rules based on which it stops attacks. For instance, it detects if anyone is attempting to log in to the administration area of a particular script a number of times or if a request is sent to execute a file with a particular command. In such cases these attempts set off the corresponding rules and the firewall program hinders the attempts instantly, and then records in-depth details about them in its logs. ModSecurity is amongst the most effective software firewalls available and it can protect your web apps against thousands of threats and vulnerabilities, especially if you don’t update them or their plugins regularly.

ModSecurity in Cloud Web Hosting

ModSecurity comes by default with all cloud web hosting solutions that we offer and it shall be turned on automatically for any domain or subdomain you add/create in your Hepsia hosting CP. The firewall has 3 different modes, so you can switch on and deactivate it with only a mouse click or set it to detection mode, so it shall keep a log of all attacks, but it will not do anything to prevent them. The log for any of your websites will contain elaborate information including the nature of the attack, where it came from, what action was taken by ModSecurity, and so on. The firewall rules which we use are regularly updated and include both commercial ones we get from a third-party security company and custom ones our system admins add in the event that they detect a new sort of attacks. This way, the websites that you host here shall be a lot more secure without any action required on your end.

ModSecurity in Semi-dedicated Hosting

Any web application which you install inside your new semi-dedicated hosting account will be protected by ModSecurity because the firewall is provided with all our hosting plans and is switched on by default for any domain and subdomain which you add or create via your Hepsia hosting CP. You will be able to manage ModSecurity via a dedicated area within Hepsia where not only can you activate or deactivate it fully, but you could also activate a passive mode, so the firewall won't block anything, but it will still keep a record of potential attacks. This normally requires only a click and you will be able to see the logs regardless of if ModSecurity is in active or passive mode through the same section - what the attack was and where it originated from, how it was dealt with, etcetera. The firewall employs two groups of rules on our machines - a commercial one that we get from a third-party web security provider and a custom one which our administrators update personally in order to respond to newly discovered risks as soon as possible.

ModSecurity in VPS Web Hosting

ModSecurity is provided with all Hepsia-based virtual private servers we offer and it shall be activated automatically for every new domain or subdomain you include on the web server. That way, any web app that you install will be secured right away without doing anything by hand on your end. The firewall may be handled through the section of the Control Panel that bears the same name. This is the area whereyou can switch off ModSecurity or let its passive mode, so it won't take any action against threats, but shall still keep a thorough log. The recorded data is available within the same area as well and you will be able to see what IPs any attacks originated from so that you can stop them, what the nature of the attempted attacks was and in accordance with what security rules ModSecurity responded. The rules we use on our servers are a mix between commercial ones that we get from a security firm and custom ones which are added by our staff to improve the protection of any web applications hosted on our end.

ModSecurity in Dedicated Servers Hosting

ModSecurity is included with all dedicated servers which are integrated with our Hepsia Control Panel and you will not need to do anything specific on your end to employ it since it is activated by default every time you include a new domain or subdomain on your server. If it disrupts any of your programs, you'll be able to stop it through the respective part of Hepsia, or you may leave it working in passive mode, so it will detect attacks and shall still maintain a log for them, but will not prevent them. You may look at the logs later to determine what you can do to enhance the security of your Internet sites as you shall find info such as where an intrusion attempt came from, what website was attacked and in accordance with what rule ModSecurity reacted, and so forth. The rules we use are commercial, therefore they're frequently updated by a security company, but to be on the safe side, our admins also add custom rules from time to time as to deal with any new threats they have found.