ModSecurity is a powerful web application layer firewall for Apache web servers. It monitors the entire HTTP traffic to a website without affecting its performance and when it identifies an intrusion attempt, it prevents it. The firewall additionally maintains a more comprehensive log for the traffic than any server does, so you shall be able to keep an eye on what is happening with your sites much better than if you rely merely on conventional logs. ModSecurity uses security rules based on which it stops attacks. For instance, it recognizes whether anyone is trying to log in to the administration area of a given script several times or if a request is sent to execute a file with a particular command. In such cases these attempts trigger the corresponding rules and the software hinders the attempts in real time, and then records comprehensive information about them within its logs. ModSecurity is among the best software firewalls out there and it can protect your web apps against thousands of threats and vulnerabilities, especially in case you don’t update them or their plugins regularly.

ModSecurity in Cloud Web Hosting

ModSecurity is supplied with all cloud web hosting web servers, so if you choose to host your sites with our firm, they shall be resistant to a wide array of attacks. The firewall is enabled as standard for all domains and subdomains, so there'll be nothing you will have to do on your end. You shall be able to stop ModSecurity for any website if necessary, or to switch on a detection mode, so all activity will be recorded, but the firewall won't take any real action. You will be able to view detailed logs from your Hepsia Control Panel including the IP address where the attack came from, what the attacker wished to do and how ModSecurity handled the threat. As we take the security of our clients' sites very seriously, we employ a group of commercial rules which we get from one of the top firms that maintain this type of rules. Our admins also add custom rules to make certain that your sites shall be protected against as many risks as possible.

ModSecurity in Semi-dedicated Hosting

We have included ModSecurity by default within all semi-dedicated hosting plans, so your web apps shall be protected as soon as you install them under any domain or subdomain. The Hepsia Control Panel which comes with the semi-dedicated accounts will permit you to switch on or turn off the firewall for any Internet site with a mouse click. You shall also have the ability to switch on a passive detection mode with which ModSecurity shall maintain a log of possible attacks without really preventing them. The detailed logs contain the nature of the attack and what ModSecurity response this attack caused, where it originated from, and so on. The list of rules that we employ is regularly updated in order to match any new risks that could appear on the Internet and it consists of both commercial rules that we get from a security business and custom-written ones which our administrators include in case they find a threat that is not present inside the commercial list yet.

ModSecurity in VPS Hosting

All virtual private servers which are set up with the Hepsia CP come with ModSecurity. The firewall is set up and activated by default for all domains which are hosted on the web server, so there shall not be anything special which you'll need to do to protect your websites. It shall take you a mouse click to stop ModSecurity if required or to turn on its passive mode so that it records what happens without taking any measures to stop intrusions. You'll be able to view the logs created in active or passive mode through the corresponding section of Hepsia and find out more about the type of the attack, where it came from, what rule the firewall employed to deal with it, etc. We use a mixture of commercial and custom rules in order to ensure that ModSecurity shall block out as many threats as possible, thus increasing the protection of your web applications as much as possible.

ModSecurity in Dedicated Web Hosting

All our dedicated servers which are set up with the Hepsia hosting CP include ModSecurity, so any program you upload or set up shall be properly secured from the very beginning and you'll not have to stress about common attacks or vulnerabilities. An independent section in Hepsia will allow you to start or stop the firewall for every domain or subdomain, or activate a detection mode so that it records info about intrusions, but does not take actions to prevent them. What you shall find in the logs shall allow you to to secure your sites better - the IP an attack came from, what site was attacked and how, what ModSecurity rule was triggered, and so on. With this information, you can see if an Internet site needs an update, if you need to block IPs from accessing your server, and so on. Aside from the third-party commercial security rules for ModSecurity we use, our administrators include custom ones too every time they find a new threat that's not yet a part of the commercial bundle.