ModSecurity is a potent web application layer firewall for Apache web servers. It monitors the entire HTTP traffic to a site without affecting its performance and when it discovers an intrusion attempt, it prevents it. The firewall furthermore maintains a more comprehensive log for the site visitors than any web server does, so you shall be able to monitor what's happening with your websites a lot better than if you rely only on standard logs. ModSecurity uses security rules based on which it stops attacks. For instance, it recognizes if somebody is attempting to log in to the administration area of a specific script a number of times or if a request is sent to execute a file with a particular command. In these circumstances these attempts trigger the corresponding rules and the firewall program hinders the attempts in real time, after that records comprehensive details about them in its logs. ModSecurity is amongst the very best software firewalls out there and it could easily protect your web apps against many threats and vulnerabilities, particularly if you don’t update them or their plugins often.

ModSecurity in Cloud Web Hosting

ModSecurity can be found with each cloud web hosting plan that we offer and it is activated by default for any domain or subdomain which you include through your Hepsia Control Panel. In the event that it disrupts any of your programs or you would like to disable it for some reason, you shall be able to do this through the ModSecurity section of Hepsia with merely a click. You can also enable a passive mode, so the firewall will discover possible attacks and keep a log, but won't take any action. You can see detailed logs in the same section, including the IP address where the attack originated from, what precisely the attacker tried to do and at what time, what ModSecurity did, and so on. For maximum safety of our customers we use a collection of commercial firewall rules mixed with custom ones that are added by our system administrators.

ModSecurity in Semi-dedicated Hosting

We have incorporated ModSecurity by default inside all semi-dedicated hosting products, so your web applications will be protected as soon as you install them under any domain or subdomain. The Hepsia Control Panel that is included with the semi-dedicated accounts will permit you to enable or disable the firewall for any site with a mouse click. You shall also have the ability to activate a passive detection mode through which ModSecurity shall keep a log of potential attacks without actually preventing them. The comprehensive logs contain the nature of the attack and what ModSecurity response this attack initiated, where it came from, etc. The list of rules that we use is constantly updated as to match any new threats that could appear on the Internet and it features both commercial rules that we get from a security firm and custom-written ones which our admins include in the event that they discover a threat that is not present within the commercial list yet.

ModSecurity in VPS Hosting

ModSecurity comes with all Hepsia-based virtual private servers which we offer and it'll be turned on automatically for any new domain or subdomain that you add on the machine. This way, any web app that you install shall be secured immediately without doing anything manually on your end. The firewall can be handled through the section of the Control Panel that bears the same name. This is the area in whichyou'll be able to switch off ModSecurity or activate its passive mode, so it won't take any action towards threats, but shall still maintain a thorough log. The recorded info is available within the same section as well and you'll be able to see what IPs any attacks came from to enable you to stop them, what the nature of the attempted attacks was and based upon what security rules ModSecurity reacted. The rules we employ on our servers are a mix between commercial ones which we obtain from a security organization and custom ones which are included by our admins to optimize the protection of any web apps hosted on our end.

ModSecurity in Dedicated Web Hosting

ModSecurity comes with all dedicated servers which are set up with our Hepsia Control Panel and you won't have to do anything specific on your end to use it as it's turned on by default whenever you include a new domain or subdomain on your hosting server. In case it disrupts some of your apps, you will be able to stop it through the respective part of Hepsia, or you may leave it operating in passive mode, so it will detect attacks and will still keep a log for them, but won't block them. You could look at the logs later to determine what you can do to improve the protection of your websites since you shall find information such as where an intrusion attempt originated from, what site was attacked and based on what rule ModSecurity reacted, etcetera. The rules we employ are commercial, hence they are regularly updated by a security firm, but to be on the safe side, our admins also include custom rules from time to time in order to react to any new threats they have found.