ModSecurity is a highly effective web app layer firewall for Apache web servers. It monitors the whole HTTP traffic to a website without affecting its performance and when it discovers an intrusion attempt, it prevents it. The firewall additionally keeps a more thorough log for the website visitors than any server does, so you'll manage to keep an eye on what's happening with your websites much better than if you rely merely on conventional logs. ModSecurity employs security rules based on which it prevents attacks. For instance, it recognizes whether anyone is attempting to log in to the administration area of a given script several times or if a request is sent to execute a file with a particular command. In these situations these attempts set off the corresponding rules and the firewall blocks the attempts in real time, after that records detailed details about them in its logs. ModSecurity is amongst the best software firewalls out there and it can easily protect your web applications against a huge number of threats and vulnerabilities, especially if you don’t update them or their plugins regularly.

ModSecurity in Cloud Hosting

ModSecurity comes by default with all cloud hosting packages that we supply and it will be switched on automatically for any domain or subdomain that you add/create inside your Hepsia hosting CP. The firewall has 3 different modes, so you'll be able to switch on and deactivate it with only a click or set it to detection mode, so it will maintain a log of all attacks, but it'll not do anything to stop them. The log for each of your Internet sites shall contain elaborate info such as the nature of the attack, where it came from, what action was taken by ModSecurity, etc. The firewall rules that we use are frequently updated and consist of both commercial ones that we get from a third-party security firm and custom ones our system admins include in the event that they detect a new type of attacks. That way, the sites which you host here shall be much more secure with no action expected on your end.

ModSecurity in Semi-dedicated Servers

All semi-dedicated server plans that we offer include ModSecurity and because the firewall is switched on by default, any site you create under a domain or a subdomain will be protected immediately. An individual section in the Hepsia Control Panel which comes with the semi-dedicated accounts is devoted to ModSecurity and it shall allow you to stop and start the firewall for any Internet site or activate a detection mode. With the last option, ModSecurity shall not take any action, but it'll still detect possible attacks and shall keep all info inside a log as if it were fully active. The logs can be found within the same section of the Control Panel and they feature information regarding the IP where an attack came from, what its nature was, what rule ModSecurity applies to detect and stop it, and so on. The security rules we employ on our web servers are a mix of commercial ones from a security company and custom ones created by our system administrators. Therefore, we provide increased security for your web applications as we can protect them from attacks even before security corporations release updates for brand new threats.

ModSecurity in VPS Servers

All VPS servers that are provided with the Hepsia CP come with ModSecurity. The firewall is set up and switched on by default for all domains that are hosted on the web server, so there will not be anything special that you shall have to do to protect your Internet sites. It will take you only a click to stop ModSecurity if required or to activate its passive mode so that it records what occurs without taking any actions to stop intrusions. You'll be able to view the logs created in passive or active mode from the corresponding section of Hepsia and discover more about the form of the attack, where it originated from, what rule the firewall employed to tackle it, and so on. We use a mixture of commercial and custom rules in order to make sure that ModSecurity will stop as many risks as possible, hence enhancing the security of your web apps as much as possible.

ModSecurity in Dedicated Servers

ModSecurity is provided with all dedicated servers that are integrated with our Hepsia Control Panel and you'll not have to do anything specific on your end to use it because it is switched on by default every time you include a new domain or subdomain on your server. In the event that it interferes with some of your apps, you'll be able to stop it via the respective area of Hepsia, or you could leave it operating in passive mode, so it will identify attacks and will still keep a log for them, but shall not block them. You'll be able to examine the logs later to find out what you can do to boost the security of your sites as you shall find info such as where an intrusion attempt originated from, what site was attacked and based on what rule ModSecurity responded, etc. The rules which we employ are commercial, therefore they're constantly updated by a security company, but to be on the safe side, our administrators also add custom rules once in a while as to react to any new threats they have found.