ModSecurity is a potent web app layer firewall for Apache web servers. It monitors the whole HTTP traffic to a website without affecting its performance and in case it detects an intrusion attempt, it prevents it. The firewall furthermore maintains a more thorough log for the traffic than any server does, so you shall be able to monitor what is happening with your websites better than if you rely only on conventional logs. ModSecurity works with security rules based on which it helps prevent attacks. For instance, it identifies whether someone is trying to log in to the administration area of a certain script a number of times or if a request is sent to execute a file with a particular command. In such cases these attempts set off the corresponding rules and the software blocks the attempts in real time, then records detailed details about them within its logs. ModSecurity is one of the very best software firewalls on the market and it can protect your web applications against thousands of threats and vulnerabilities, particularly if you don’t update them or their plugins regularly.

ModSecurity in Cloud Website Hosting

ModSecurity is supplied with all cloud website hosting servers, so if you decide to host your websites with our organization, they'll be protected against a wide array of attacks. The firewall is turned on by default for all domains and subdomains, so there'll be nothing you shall have to do on your end. You'll be able to stop ModSecurity for any website if necessary, or to activate a detection mode, so that all activity will be recorded, but the firewall shall not take any real action. You will be able to view specific logs through your Hepsia Control Panel including the IP address where the attack came from, what the attacker wished to do and how ModSecurity addressed the threat. Since we take the protection of our customers' sites seriously, we employ a selection of commercial rules that we get from one of the leading companies that maintain such rules. Our administrators also add custom rules to make sure that your sites will be shielded from as many threats as possible.

ModSecurity in Semi-dedicated Hosting

Any web program that you install inside your new semi-dedicated hosting account will be protected by ModSecurity as the firewall comes with all our hosting plans and is activated by default for any domain and subdomain you include or create through your Hepsia hosting Control Panel. You shall be able to manage ModSecurity via a dedicated area within Hepsia where not simply can you activate or deactivate it entirely, but you could also enable a passive mode, so the firewall won't stop anything, but it will still keep an archive of possible attacks. This requires simply a mouse click and you'll be able to view the logs no matter if ModSecurity is in active or passive mode through the same section - what the attack was and where it came from, how it was taken care of, and so forth. The firewall employs two sets of rules on our machines - a commercial one which we get from a third-party web security company and a custom one that our admins update personally as to respond to recently discovered risks immediately.

ModSecurity in VPS

ModSecurity is pre-installed on all virtual private servers which are offered with the Hepsia hosting Control Panel, so your web apps shall be protected from the second your server is in a position. The firewall is switched on by default for any domain or subdomain on the Virtual Private Server, but if needed, you could deactivate it with a click from the corresponding section of Hepsia. You may also set it to operate in detection mode, so it shall maintain a detailed log of any potential attacks without taking any action to prevent them. The logs are available inside the very same section and include information regarding the nature of the attack, what IP address it came from and what ModSecurity rule was initiated to stop it. For maximum security, we employ not just commercial rules from a company operating in the field of web security, but also custom ones our admins add manually so as to react to new threats which are still not addressed in the commercial rules.

ModSecurity in Dedicated Hosting

ModSecurity is provided with all dedicated servers which are integrated with our Hepsia CP and you'll not need to do anything specific on your end to employ it because it is enabled by default each time you add a new domain or subdomain on your hosting server. In the event that it disrupts some of your apps, you'll be able to stop it through the respective area of Hepsia, or you can leave it in passive mode, so it'll recognize attacks and will still keep a log for them, but will not block them. You'll be able to look at the logs later to learn what you can do to enhance the protection of your Internet sites as you will find information such as where an intrusion attempt originated from, what site was attacked and based upon what rule ModSecurity responded, etcetera. The rules which we employ are commercial, hence they're frequently updated by a security company, but to be on the safe side, our admins also include custom rules every now and then in order to react to any new threats they have identified.