ModSecurity is a powerful web app layer firewall for Apache web servers. It monitors the whole HTTP traffic to a website without affecting its performance and in case it discovers an intrusion attempt, it blocks it. The firewall additionally keeps a more comprehensive log for the traffic than any web server does, so you will manage to keep track of what is going on with your sites a lot better than if you rely simply on conventional logs. ModSecurity employs security rules based on which it stops attacks. For instance, it recognizes if anyone is attempting to log in to the administrator area of a certain script a number of times or if a request is sent to execute a file with a certain command. In these circumstances these attempts set off the corresponding rules and the firewall software blocks the attempts instantly, and then records in-depth details about them in its logs. ModSecurity is amongst the best software firewalls out there and it can easily protect your web applications against a large number of threats and vulnerabilities, particularly if you don’t update them or their plugins frequently.

ModSecurity in Cloud Website Hosting

ModSecurity is available on all cloud website hosting machines, so if you choose to host your websites with our organization, they'll be resistant to a wide range of attacks. The firewall is enabled as standard for all domains and subdomains, so there shall be nothing you will need to do on your end. You shall be able to stop ModSecurity for any site if needed, or to switch on a detection mode, so that all activity shall be recorded, but the firewall shall not take any real action. You will be able to view detailed logs using your Hepsia Control Panel including the IP where the attack originated from, what the attacker planned to do and how ModSecurity handled the threat. As we take the safety of our customers' websites seriously, we employ a group of commercial rules which we get from one of the top companies that maintain this sort of rules. Our admins also include custom rules to ensure that your websites will be resistant to as many risks as possible.

ModSecurity in Semi-dedicated Hosting

All semi-dedicated hosting solutions that we offer feature ModSecurity and given that the firewall is switched on by default, any website which you build under a domain or a subdomain will be secured right away. An individual section inside the Hepsia Control Panel which comes with the semi-dedicated accounts is dedicated to ModSecurity and it shall enable you to stop and start the firewall for any website or enable a detection mode. With the latter, ModSecurity won't take any action, but it will still detect possible attacks and will keep all information within a log as if it were completely active. The logs could be found in the same section of the CP and they offer details about the IP where an attack came from, what its nature was, what rule ModSecurity applies to identify and stop it, etc. The security rules that we employ on our web servers are a mix between commercial ones from a security company and custom ones made by our system administrators. For that reason, we offer higher security for your web apps as we can protect them from attacks even before security businesses release updates for new threats.

ModSecurity in VPS

ModSecurity is provided with all Hepsia-based virtual private servers that we offer and it'll be turned on automatically for any new domain or subdomain you add on the server. This way, any web application that you install will be secured right from the start without doing anything personally on your end. The firewall can be managed through the section of the CP that has the same name. This is the place in whichyou'll be able to turn off ModSecurity or activate its passive mode, so it will not take any action toward threats, but shall still keep a detailed log. The recorded information is available inside the same area as well and you'll be able to see what IPs any attacks came from so that you stop them, what the nature of the attempted attacks was and in accordance with what security rules ModSecurity reacted. The rules that we use on our servers are a mixture between commercial ones that we get from a security organization and custom ones that are included by our administrators to maximize the protection of any web apps hosted on our end.

ModSecurity in Dedicated Hosting

ModSecurity comes with all dedicated servers that are set up with our Hepsia CP and you will not have to do anything specific on your end to use it since it is switched on by default each time you include a new domain or subdomain on your server. In case it interferes with any of your applications, you will be able to stop it via the respective section of Hepsia, or you may leave it working in passive mode, so it will identify attacks and shall still maintain a log for them, but will not stop them. You could analyze the logs later to determine what you can do to enhance the safety of your sites since you shall find information such as where an intrusion attempt came from, what Internet site was attacked and based on what rule ModSecurity reacted, etc. The rules which we employ are commercial, thus they're constantly updated by a security firm, but to be on the safe side, our administrators also include custom rules once in a while as to respond to any new threats they have discovered.