ModSecurity is a potent web application layer firewall for Apache web servers. It monitors the entire HTTP traffic to an Internet site without affecting its performance and if it detects an intrusion attempt, it blocks it. The firewall additionally maintains a more detailed log for the website visitors than any server does, so you shall manage to monitor what's happening with your Internet sites better than if you rely merely on conventional logs. ModSecurity employs security rules based on which it stops attacks. For instance, it detects if somebody is trying to log in to the admin area of a certain script a number of times or if a request is sent to execute a file with a specific command. In such situations these attempts trigger the corresponding rules and the firewall blocks the attempts immediately, after that records in-depth information about them within its logs. ModSecurity is one of the very best software firewalls out there and it can easily protect your web apps against a large number of threats and vulnerabilities, particularly in case you don’t update them or their plugins regularly.

ModSecurity in Cloud Hosting

ModSecurity can be found with each cloud hosting package that we offer and it is switched on by default for any domain or subdomain that you include via your Hepsia Control Panel. In case it disrupts any of your apps or you would like to disable it for whatever reason, you shall be able to do this through the ModSecurity section of Hepsia with just a mouse click. You could also enable a passive mode, so the firewall will identify potential attacks and maintain a log, but will not take any action. You could see comprehensive logs in the very same section, including the IP address where the attack came from, what exactly the attacker aimed to do and at what time, what ModSecurity did, etcetera. For optimum safety of our clients we use a collection of commercial firewall rules combined with custom ones that are provided by our system admins.

ModSecurity in Semi-dedicated Hosting

All semi-dedicated hosting packages which we offer come with ModSecurity and since the firewall is turned on by default, any site that you set up under a domain or a subdomain shall be secured immediately. An individual section in the Hepsia Control Panel which comes with the semi-dedicated accounts is devoted to ModSecurity and it shall allow you to start and stop the firewall for any website or enable a detection mode. With the latter, ModSecurity will not take any action, but it shall still recognize possible attacks and shall keep all information within a log as if it were fully active. The logs could be found within the very same section of the Control Panel and they feature information regarding the IP where an attack came from, what its nature was, what rule ModSecurity applies to recognize and stop it, etcetera. The security rules we use on our web servers are a mix between commercial ones from a security company and custom ones made by our system administrators. For that reason, we provide greater security for your web apps as we can shield them from attacks before security corporations release updates for completely new threats.

ModSecurity in VPS Web Hosting

ModSecurity comes with all Hepsia-based virtual private servers that we offer and it shall be switched on automatically for any new domain or subdomain which you include on the machine. This way, any web app which you install shall be protected right away without doing anything personally on your end. The firewall can be managed via the section of the CP which bears the same name. This is the location in whichyou'll be able to disable ModSecurity or enable its passive mode, so it will not take any action toward threats, but shall still keep a thorough log. The recorded information is available in the same section as well and you will be able to see what IPs any attacks originated from so that you can block them, what the nature of the attempted attacks was and in accordance with what security rules ModSecurity responded. The rules that we use on our servers are a mixture between commercial ones which we obtain from a security firm and custom ones that are included by our admins to optimize the protection of any web apps hosted on our end.

ModSecurity in Dedicated Servers Hosting

ModSecurity is provided with all dedicated servers which are integrated with our Hepsia CP and you won't have to do anything specific on your end to employ it since it is switched on by default each time you add a new domain or subdomain on your server. In case it interferes with any of your programs, you shall be able to stop it through the respective part of Hepsia, or you may leave it operating in passive mode, so it shall identify attacks and shall still keep a log for them, but shall not block them. You may analyze the logs later to determine what you can do to enhance the security of your websites as you shall find info such as where an intrusion attempt originated from, what website was attacked and based on what rule ModSecurity responded, and so forth. The rules which we employ are commercial, therefore they are regularly updated by a security provider, but to be on the safe side, our admins also include custom rules once in a while as to deal with any new threats they have identified.