ModSecurity is a potent web app layer firewall for Apache web servers. It monitors the entire HTTP traffic to a website without affecting its overall performance and when it detects an intrusion attempt, it blocks it. The firewall furthermore maintains a more comprehensive log for the site visitors than any web server does, so you'll manage to keep an eye on what's happening with your websites a lot better than if you rely merely on standard logs. ModSecurity works with security rules based on which it stops attacks. For example, it detects whether someone is trying to log in to the administrator area of a certain script several times or if a request is sent to execute a file with a certain command. In such cases these attempts trigger the corresponding rules and the firewall hinders the attempts right away, and then records in-depth info about them in its logs. ModSecurity is among the very best software firewalls out there and it can easily protect your web applications against thousands of threats and vulnerabilities, especially in case you don’t update them or their plugins frequently.

ModSecurity in Cloud Website Hosting

ModSecurity comes by default with all cloud website hosting plans that we provide and it will be activated automatically for any domain or subdomain that you add/create inside your Hepsia hosting CP. The firewall has three different modes, so you could switch on and deactivate it with a click or set it to detection mode, so it shall maintain a log of all attacks, but it will not do anything to stop them. The log for each of your Internet sites will contain detailed info such as the nature of the attack, where it came from, what action was taken by ModSecurity, and so on. The firewall rules we use are regularly updated and include both commercial ones that we get from a third-party security firm and custom ones which our system admins include in case that they detect a new type of attacks. That way, the websites you host here shall be a lot more secure without any action needed on your end.

ModSecurity in Semi-dedicated Servers

All semi-dedicated server packages that we offer include ModSecurity and since the firewall is switched on by default, any website which you build under a domain or a subdomain will be secured immediately. An individual section within the Hepsia Control Panel which comes with the semi-dedicated accounts is devoted to ModSecurity and it'll enable you to stop and start the firewall for any Internet site or enable a detection mode. With the last option, ModSecurity won't take any action, but it will still identify possible attacks and shall keep all data in a log as if it were completely active. The logs can be found within the same section of the Control Panel and they offer details about the IP where an attack came from, what its nature was, what rule ModSecurity applies to detect and stop it, etcetera. The security rules which we employ on our servers are a mix between commercial ones from a security company and custom ones made by our system admins. For that reason, we offer increased security for your web applications as we can defend them from attacks before security corporations release updates for brand new threats.

ModSecurity in VPS Servers

All VPS servers that are offered with the Hepsia Control Panel come with ModSecurity. The firewall is set up and activated by default for all domains that are hosted on the machine, so there shall not be anything special which you will have to do to protect your Internet sites. It shall take you just a mouse click to stop ModSecurity if needed or to activate its passive mode so that it records what goes on without taking any steps to stop intrusions. You will be able to view the logs created in passive or active mode via the corresponding section of Hepsia and find out more about the type of the attack, where it came from, what rule the firewall employed to tackle it, and so on. We use a combination of commercial and custom rules in order to ensure that ModSecurity shall prevent as many risks as possible, hence boosting the security of your web programs as much as possible.

ModSecurity in Dedicated Servers

All our dedicated servers which are installed with the Hepsia hosting Control Panel feature ModSecurity, so any application which you upload or set up will be protected from the very beginning and you won't have to bother about common attacks or vulnerabilities. An individual section within Hepsia will permit you to start or stop the firewall for any domain or subdomain, or turn on a detection mode so that it records info about intrusions, but does not take actions to prevent them. What you shall find in the logs can easily enable you to to secure your websites better - the IP an attack originated from, what website was attacked and in what way, what ModSecurity rule was triggered, etc. With this information, you can see if an Internet site needs an update, if you ought to block IPs from accessing your server, etc. Aside from the third-party commercial security rules for ModSecurity we use, our administrators add custom ones as well when they discover a new threat which is not yet a part of the commercial bundle.