ModSecurity is a powerful web application layer firewall for Apache web servers. It monitors the entire HTTP traffic to an Internet site without affecting its overall performance and in case it detects an intrusion attempt, it blocks it. The firewall also keeps a more comprehensive log for the site visitors than any web server does, so you'll manage to monitor what is going on with your sites much better than if you rely merely on conventional logs. ModSecurity employs security rules based on which it prevents attacks. For instance, it identifies whether anyone is trying to log in to the administrator area of a given script multiple times or if a request is sent to execute a file with a specific command. In these instances these attempts set off the corresponding rules and the firewall blocks the attempts in real time, then records in-depth info about them in its logs. ModSecurity is among the best software firewalls out there and it can easily protect your web apps against a large number of threats and vulnerabilities, particularly in case you don’t update them or their plugins regularly.

ModSecurity in Cloud Website Hosting

ModSecurity comes by default with all cloud website hosting solutions which we offer and it'll be turned on automatically for any domain or subdomain that you add/create in your Hepsia hosting CP. The firewall has three different modes, so you could switch on and deactivate it with only a mouse click or set it to detection mode, so it shall maintain a log of all attacks, but it'll not do anything to stop them. The log for each of your Internet sites will include elaborate information such as the nature of the attack, where it came from, what action was taken by ModSecurity, and so forth. The firewall rules which we use are frequently updated and comprise of both commercial ones that we get from a third-party security firm and custom ones our system administrators include in the event that they detect a new kind of attacks. This way, the Internet sites that you host here will be far more secure with no action expected on your end.

ModSecurity in Semi-dedicated Hosting

Any web app you set up inside your new semi-dedicated hosting account shall be protected by ModSecurity because the firewall comes with all our hosting plans and is activated by default for any domain and subdomain which you include or create via your Hepsia hosting Control Panel. You'll be able to manage ModSecurity through a dedicated section inside Hepsia where not only can you activate or deactivate it entirely, but you may also switch on a passive mode, so the firewall won't block anything, but it shall still maintain an archive of possible attacks. This normally requires just a click and you'll be able to see the logs no matter if ModSecurity is in active or passive mode through the same section - what the attack was and where it came from, how it was dealt with, etcetera. The firewall uses two groups of rules on our web servers - a commercial one that we get from a third-party web security firm and a custom one which our admins update personally in order to respond to recently discovered threats at the earliest opportunity.

ModSecurity in VPS Web Hosting

ModSecurity is included with all Hepsia-based virtual private servers we offer and it'll be activated automatically for every new domain or subdomain which you add on the hosting server. That way, any web application that you install shall be secured right away without doing anything personally on your end. The firewall could be handled from the section of the Control Panel that has the same name. This is the place in whichyou could disable ModSecurity or enable its passive mode, so it shall not take any action toward threats, but shall still maintain a thorough log. The recorded information is available inside the same area as well and you shall be able to see what IPs any attacks came from so that you can block them, what the nature of the attempted attacks was and based upon what security rules ModSecurity responded. The rules which we employ on our servers are a combination between commercial ones that we obtain from a security firm and custom ones which are added by our admins to enhance the protection of any web apps hosted on our end.

ModSecurity in Dedicated Servers Hosting

ModSecurity comes with all dedicated servers that are integrated with our Hepsia Control Panel and you will not have to do anything specific on your end to use it since it's turned on by default every time you add a new domain or subdomain on your web server. In the event that it interferes with any of your programs, you'll be able to stop it via the respective area of Hepsia, or you can leave it working in passive mode, so it shall detect attacks and shall still maintain a log for them, but shall not prevent them. You could look at the logs later to determine what you can do to boost the safety of your sites as you'll find information such as where an intrusion attempt originated from, what website was attacked and in accordance with what rule ModSecurity reacted, and so forth. The rules which we use are commercial, therefore they are frequently updated by a security provider, but to be on the safe side, our admins also add custom rules every now and then as to deal with any new threats they have found.