ModSecurity is a highly effective web app layer firewall for Apache web servers. It monitors the entire HTTP traffic to a site without affecting its overall performance and when it detects an intrusion attempt, it blocks it. The firewall also keeps a more detailed log for the website visitors than any server does, so you'll manage to keep an eye on what is happening with your sites a lot better than if you rely simply on standard logs. ModSecurity uses security rules based on which it stops attacks. For example, it detects if somebody is attempting to log in to the admin area of a particular script several times or if a request is sent to execute a file with a specific command. In such circumstances these attempts set off the corresponding rules and the software blocks the attempts immediately, after that records comprehensive details about them within its logs. ModSecurity is one of the most effective software firewalls available and it could easily protect your web applications against thousands of threats and vulnerabilities, particularly if you don’t update them or their plugins often.

ModSecurity in Cloud Web Hosting

ModSecurity comes by default with all cloud web hosting solutions which we offer and it shall be activated automatically for any domain or subdomain you add/create in your Hepsia hosting CP. The firewall has 3 different modes, so you could activate and deactivate it with a click or set it to detection mode, so it shall maintain a log of all attacks, but it shall not do anything to stop them. The log for any of your websites will contain in-depth information which includes the nature of the attack, where it came from, what action was taken by ModSecurity, etcetera. The firewall rules that we use are constantly updated and incorporate both commercial ones which we get from a third-party security firm and custom ones that our system administrators add in case that they detect a new kind of attacks. This way, the Internet sites that you host here will be a lot more secure without any action needed on your end.

ModSecurity in Semi-dedicated Servers

All semi-dedicated server plans that we offer feature ModSecurity and given that the firewall is enabled by default, any website which you set up under a domain or a subdomain will be secured straight away. A separate section in the Hepsia Control Panel which comes with the semi-dedicated accounts is dedicated to ModSecurity and it shall permit you to start and stop the firewall for any site or enable a detection mode. With the last option, ModSecurity won't take any action, but it will still recognize possible attacks and will keep all information in a log as if it were 100% active. The logs can be found in the very same section of the Control Panel and they offer info about the IP where an attack came from, what its nature was, what rule ModSecurity applies to recognize and stop it, etc. The security rules that we employ on our web servers are a mix between commercial ones from a security business and custom ones developed by our system administrators. Consequently, we offer increased security for your web applications as we can shield them from attacks before security businesses release updates for completely new threats.

ModSecurity in VPS Servers

ModSecurity is pre-installed on all VPS servers that are set up with the Hepsia hosting Control Panel, so your web applications shall be protected from the instant your server is in a position. The firewall is activated by default for any domain or subdomain on the VPS, but if necessary, you could deactivate it with a click from the corresponding section of Hepsia. You can also set it to function in detection mode, so it shall maintain an extensive log of any possible attacks without taking any action to prevent them. The logs can be found inside the exact same section and offer information about the nature of the attack, what IP it came from and what ModSecurity rule was initiated to stop it. For best security, we employ not simply commercial rules from a firm operating in the field of web security, but also custom ones our admins include manually so as to respond to new threats that are still not addressed in the commercial rules.

ModSecurity in Dedicated Servers

When you choose to host your Internet sites on a dedicated server with the Hepsia Control Panel, your web programs shall be protected right from the start as ModSecurity is provided with all Hepsia-based solutions. You shall be able to manage the firewall effortlessly and if necessary, you'll be able to turn it off or switch on its passive mode when it will only maintain a log of what's taking place without taking any action to stop possible attacks. The logs which you'll find in the exact same section of the Control Panel are extremely detailed and contain info about the attacker IP address, what site and file were attacked and in what way, what rule the firewall employed to prevent the intrusion, and so forth. This info shall permit you to take measures and boost the protection of your websites even more. To be on the safe side, we use not only commercial rules, but also custom-made ones which our admins include whenever they identify attacks which haven't yet been included within the commercial pack.