ModSecurity is a highly effective web application layer firewall for Apache web servers. It monitors the entire HTTP traffic to a site without affecting its performance and if it discovers an intrusion attempt, it blocks it. The firewall also maintains a more comprehensive log for the site visitors than any server does, so you shall be able to keep track of what is happening with your Internet sites much better than if you rely only on standard logs. ModSecurity employs security rules based on which it helps prevent attacks. For example, it recognizes if anyone is attempting to log in to the administrator area of a given script a number of times or if a request is sent to execute a file with a particular command. In such instances these attempts trigger the corresponding rules and the firewall hinders the attempts in real time, then records comprehensive information about them inside its logs. ModSecurity is one of the best software firewalls out there and it could easily protect your web applications against thousands of threats and vulnerabilities, especially in case you don’t update them or their plugins frequently.

ModSecurity in Cloud Web Hosting

ModSecurity comes by default with all cloud web hosting packages which we supply and it shall be activated automatically for any domain or subdomain that you add/create within your Hepsia hosting Control Panel. The firewall has three different modes, so you can activate and deactivate it with a click or set it to detection mode, so it will maintain a log of all attacks, but it will not do anything to prevent them. The log for any of your sites will contain comprehensive info including the nature of the attack, where it came from, what action was taken by ModSecurity, and so on. The firewall rules which we use are frequently updated and comprise of both commercial ones which we get from a third-party security company and custom ones that our system administrators include in case that they detect a new kind of attacks. In this way, the Internet sites you host here shall be far more secure with no action required on your end.

ModSecurity in Semi-dedicated Hosting

All semi-dedicated hosting solutions which we offer include ModSecurity and because the firewall is enabled by default, any Internet site which you set up under a domain or a subdomain will be secured right away. An independent section inside the Hepsia CP that comes with the semi-dedicated accounts is devoted to ModSecurity and it'll allow you to stop and start the firewall for any website or enable a detection mode. With the last mentioned, ModSecurity won't take any action, but it shall still identify possible attacks and will keep all information inside a log as if it were completely active. The logs can be found within the very same section of the CP and they feature details about the IP where an attack came from, what its nature was, what rule ModSecurity applies to recognize and stop it, and so forth. The security rules which we use on our machines are a mix between commercial ones from a security business and custom ones created by our system admins. For that reason, we provide increased security for your web programs as we can shield them from attacks before security firms release updates for completely new threats.

ModSecurity in VPS Hosting

Safety is extremely important to us, so we set up ModSecurity on all virtual private servers that are made available with the Hepsia Control Panel by default. The firewall could be managed through a dedicated section in Hepsia and is turned on automatically when you add a new domain or generate a subdomain, so you'll not need to do anything manually. You will also be able to disable it or turn on the so-called detection mode, so it will maintain a log of potential attacks that you can later analyze, but won't prevent them. The logs in both passive and active modes offer details regarding the type of the attack and how it was prevented, what IP it originated from and other valuable information that could help you to tighten the security of your Internet sites by updating them or blocking IPs, for example. Beyond the commercial rules which we get for ModSecurity from a third-party security enterprise, we also use our own rules as every now and then we find specific attacks that are not yet present inside the commercial pack. That way, we can enhance the protection of your Virtual private server right away instead of awaiting an official update.

ModSecurity in Dedicated Web Hosting

If you choose to host your websites on a dedicated server with the Hepsia Control Panel, your web programs shall be secured right away since ModSecurity is provided with all Hepsia-based packages. You'll be able to control the firewall with ease and if required, you'll be able to turn it off or activate its passive mode when it shall only keep a log of what is occurring without taking any action to prevent potential attacks. The logs which you can find in the exact same section of the CP are very detailed and contain info about the attacker IP, what site and file were attacked and in what way, what rule the firewall used to prevent the intrusion, and so forth. This info shall allow you to take measures and enhance the protection of your Internet sites even more. To be on the safe side, we employ not only commercial rules, but also custom-made ones which our administrators include every time they identify attacks that have not yet been included in the commercial pack.