ModSecurity is a potent web app layer firewall for Apache web servers. It monitors the whole HTTP traffic to a website without affecting its performance and when it detects an intrusion attempt, it prevents it. The firewall additionally keeps a more comprehensive log for the site visitors than any server does, so you will be able to keep track of what's going on with your sites much better than if you rely simply on standard logs. ModSecurity employs security rules based on which it helps prevent attacks. For instance, it detects if anyone is trying to log in to the admin area of a certain script several times or if a request is sent to execute a file with a specific command. In such circumstances these attempts trigger the corresponding rules and the firewall hinders the attempts immediately, and then records in-depth information about them within its logs. ModSecurity is among the very best software firewalls out there and it can easily protect your web apps against a huge number of threats and vulnerabilities, particularly in case you don’t update them or their plugins regularly.

ModSecurity in Cloud Website Hosting

ModSecurity comes standard with all cloud website hosting plans that we offer and it'll be switched on automatically for any domain or subdomain which you add/create within your Hepsia hosting Control Panel. The firewall has three different modes, so you can switch on and disable it with only a mouse click or set it to detection mode, so it'll maintain a log of all attacks, but it shall not do anything to prevent them. The log for each of your Internet sites will contain in-depth info such as the nature of the attack, where it originated from, what action was taken by ModSecurity, and so forth. The firewall rules which we use are frequently updated and comprise of both commercial ones we get from a third-party security company and custom ones our system admins add in case that they detect a new kind of attacks. That way, the sites which you host here will be far more protected with no action required on your end.

ModSecurity in Semi-dedicated Hosting

We have incorporated ModSecurity by default inside all semi-dedicated hosting plans, so your web applications will be protected as soon as you install them under any domain or subdomain. The Hepsia Control Panel that comes with the semi-dedicated accounts shall allow you to activate or disable the firewall for any Internet site with a click. You'll also have the ability to activate a passive detection mode in which ModSecurity shall maintain a log of possible attacks without really preventing them. The thorough logs include things like the nature of the attack and what ModSecurity response that attack initiated, where it came from, etc. The list of rules which we employ is regularly updated as to match any new risks that could appear on the Internet and it consists of both commercial rules that we get from a security company and custom-written ones that our administrators add in the event that they discover a threat which is not present in the commercial list yet.

ModSecurity in VPS Hosting

ModSecurity is provided with all Hepsia-based virtual private servers that we offer and it shall be switched on automatically for any new domain or subdomain which you add on the web server. That way, any web app you install shall be secured immediately without doing anything by hand on your end. The firewall can be handled via the section of the Control Panel which has the same name. This is the area in whichyou can turn off ModSecurity or activate its passive mode, so it shall not take any action against threats, but will still keep a thorough log. The recorded info is available within the same area as well and you will be able to see what IPs any attacks came from so that you block them, what the nature of the attempted attacks was and based on what security rules ModSecurity responded. The rules we employ on our servers are a mixture between commercial ones which we obtain from a security firm and custom ones which are included by our admins to optimize the protection of any web applications hosted on our end.

ModSecurity in Dedicated Web Hosting

All our dedicated servers which are set up with the Hepsia hosting Control Panel include ModSecurity, so any program you upload or install will be secured from the very beginning and you will not need to stress about common attacks or vulnerabilities. A separate section in Hepsia will enable you to start or stop the firewall for every domain or subdomain, or switch on a detection mode so that it records information regarding intrusions, but does not take actions to stop them. What you will discover in the logs shall allow you to to secure your Internet sites better - the IP address an attack originated from, what website was attacked and in what way, what ModSecurity rule was triggered, etc. With this info, you'll be able to see if a website needs an update, whether you ought to block IPs from accessing your hosting server, etcetera. Aside from the third-party commercial security rules for ModSecurity that we use, our administrators add custom ones too when they find a new threat that's not yet in the commercial bundle.