ModSecurity is a potent web application layer firewall for Apache web servers. It monitors the entire HTTP traffic to a website without affecting its performance and in case it discovers an intrusion attempt, it blocks it. The firewall additionally maintains a more thorough log for the website visitors than any server does, so you'll be able to monitor what is happening with your websites a lot better than if you rely merely on conventional logs. ModSecurity employs security rules based on which it stops attacks. For instance, it detects if someone is trying to log in to the administration area of a particular script a number of times or if a request is sent to execute a file with a specific command. In these instances these attempts trigger the corresponding rules and the firewall program hinders the attempts in real time, after that records comprehensive information about them inside its logs. ModSecurity is one of the most effective software firewalls on the market and it can protect your web apps against many threats and vulnerabilities, particularly in case you don’t update them or their plugins often.

ModSecurity in Cloud Web Hosting

We offer ModSecurity with all cloud web hosting plans, so your web applications will be resistant to destructive attacks. The firewall is switched on by default for all domains and subdomains, but if you would like, you'll be able to stop it via the respective section of your Hepsia CP. You can also switch on a detection mode, so ModSecurity will keep a log as intended, but shall not take any action. The logs that you'll discover within Hepsia are quite detailed and feature data about the nature of any attack, when it took place and from what IP, the firewall rule which was triggered, and so on. We employ a range of commercial rules that are constantly updated, but sometimes our administrators include custom rules as well in order to better protect the Internet sites hosted on our servers.

ModSecurity in Semi-dedicated Hosting

All semi-dedicated hosting solutions which we offer feature ModSecurity and because the firewall is turned on by default, any site which you set up under a domain or a subdomain shall be secured right away. An individual section within the Hepsia CP that comes with the semi-dedicated accounts is devoted to ModSecurity and it'll enable you to start and stop the firewall for any website or enable a detection mode. With the latter, ModSecurity won't take any action, but it shall still identify possible attacks and shall keep all data in a log as if it were fully active. The logs could be found within the very same section of the Control Panel and they offer details about the IP where an attack originated from, what its nature was, what rule ModSecurity applies to identify and stop it, and so forth. The security rules we employ on our web servers are a mix of commercial ones from a security business and custom ones made by our system administrators. Consequently, we offer higher security for your web apps as we can shield them from attacks even before security businesses release updates for brand new threats.

ModSecurity in VPS Web Hosting

ModSecurity is included with all Hepsia-based virtual private servers which we offer and it will be switched on automatically for any new domain or subdomain you include on the machine. That way, any web app that you install will be protected right away without doing anything by hand on your end. The firewall may be handled via the section of the Control Panel which has the same name. This is the location in whichyou could turn off ModSecurity or activate its passive mode, so it won't take any action towards threats, but will still maintain a detailed log. The recorded information is available within the same section as well and you'll be able to see what IPs any attacks originated from to enable you to block them, what the nature of the attempted attacks was and based upon what security rules ModSecurity reacted. The rules which we employ on our servers are a blend between commercial ones which we obtain from a security organization and custom ones which are added by our staff to improve the protection of any web apps hosted on our end.

ModSecurity in Dedicated Servers Hosting

ModSecurity is offered by default with all dedicated servers which are set up with the Hepsia CP and is set to “Active” automatically for any domain you host or subdomain that you create on the web server. In the event that a web app doesn't work adequately, you may either disable the firewall or set it to work in passive mode. The latter means that ModSecurity will keep a log of any possible attack that might occur, but shall not take any action to stop it. The logs created in passive or active mode shall provide you with additional details about the exact file which was attacked, the form of the attack and the IP address it came from, etcetera. This info shall allow you to decide what steps you can take to improve the security of your websites, including blocking IPs or carrying out script and plugin updates. The ModSecurity rules we employ are updated frequently with a commercial bundle from a third-party security company we work with, but sometimes our admins add their own rules as well if they come across a new potential threat.