ModSecurity is a potent web app layer firewall for Apache web servers. It monitors the entire HTTP traffic to a website without affecting its operation and if it detects an intrusion attempt, it blocks it. The firewall additionally keeps a more comprehensive log for the site visitors than any web server does, so you'll manage to keep track of what is going on with your sites better than if you rely only on conventional logs. ModSecurity works with security rules based on which it helps prevent attacks. For instance, it identifies if somebody is trying to log in to the administrator area of a given script a number of times or if a request is sent to execute a file with a certain command. In these situations these attempts set off the corresponding rules and the firewall program hinders the attempts in real time, after that records in-depth information about them inside its logs. ModSecurity is among the best software firewalls on the market and it could easily protect your web applications against a large number of threats and vulnerabilities, particularly if you don’t update them or their plugins frequently.

ModSecurity in Cloud Hosting

ModSecurity comes standard with all cloud hosting plans that we provide and it will be turned on automatically for any domain or subdomain you add/create within your Hepsia hosting Control Panel. The firewall has 3 different modes, so you could activate and deactivate it with only a mouse click or set it to detection mode, so it shall maintain a log of all attacks, but it shall not do anything to prevent them. The log for each of your sites will feature elaborate info which includes the nature of the attack, where it came from, what action was taken by ModSecurity, etc. The firewall rules that we use are constantly updated and consist of both commercial ones that we get from a third-party security business and custom ones our system admins include in the event that they detect a new sort of attacks. That way, the Internet sites you host here shall be far more protected with no action required on your end.

ModSecurity in Semi-dedicated Hosting

ModSecurity is a part of our semi-dedicated hosting packages and if you choose to host your sites with our company, there will not be anything special you will have to do given that the firewall is activated by default for all domains and subdomains that you include via your hosting Control Panel. If necessary, you can disable ModSecurity for a certain site or activate the so-called detection mode in which case the firewall will still operate and record data, but won't do anything to prevent possible attacks on your websites. In depth logs shall be readily available in your Control Panel and you shall be able to see which kind of attacks happened, what security rules were triggered and how the firewall handled the threats, what Internet protocol addresses the attacks originated from, and so on. We employ 2 types of rules on our servers - commercial ones from a business which operates in the field of web security, and custom made ones that our administrators often add to respond to newly discovered threats promptly.

ModSecurity in VPS Web Hosting

ModSecurity is pre-installed on all virtual private servers which are set up with the Hepsia hosting Control Panel, so your web apps shall be secured from the instant your server is in a position. The firewall is activated by default for any domain or subdomain on the VPS, but if required, you can deactivate it with a mouse click via the corresponding section of Hepsia. You can also set it to operate in detection mode, so it'll keep an extensive log of any potential attacks without taking any action to stop them. The logs are available within the very same section and include information about the nature of the attack, what IP address it came from and what ModSecurity rule was activated to stop it. For maximum security, we use not simply commercial rules from a company working in the field of web security, but also custom ones our administrators add manually so as to react to new threats which are still not dealt with in the commercial rules.

ModSecurity in Dedicated Servers Hosting

ModSecurity comes with all dedicated servers which are set up with our Hepsia Control Panel and you won't need to do anything specific on your end to employ it since it is enabled by default whenever you add a new domain or subdomain on your web server. If it disrupts some of your apps, you will be able to stop it through the respective area of Hepsia, or you may leave it operating in passive mode, so it'll recognize attacks and shall still keep a log for them, but shall not prevent them. You can analyze the logs later to determine what you can do to boost the protection of your sites as you shall find information such as where an intrusion attempt originated from, what website was attacked and in accordance with what rule ModSecurity reacted, etc. The rules we employ are commercial, therefore they're regularly updated by a security company, but to be on the safe side, our administrators also include custom rules every now and then in order to react to any new threats they have identified.