ModSecurity is a highly effective web app layer firewall for Apache web servers. It monitors the whole HTTP traffic to an Internet site without affecting its overall performance and in case it identifies an intrusion attempt, it blocks it. The firewall additionally maintains a more detailed log for the traffic than any server does, so you'll be able to monitor what is going on with your Internet sites a lot better than if you rely simply on standard logs. ModSecurity uses security rules based on which it helps prevent attacks. For example, it recognizes whether somebody is attempting to log in to the administration area of a specific script a number of times or if a request is sent to execute a file with a particular command. In these circumstances these attempts trigger the corresponding rules and the firewall program hinders the attempts in real time, after that records in-depth info about them in its logs. ModSecurity is one of the best software firewalls available and it can easily protect your web apps against thousands of threats and vulnerabilities, especially if you don’t update them or their plugins often.

ModSecurity in Web Hosting

ModSecurity is supplied with all web hosting web servers, so when you choose to host your Internet sites with our organization, they will be protected against a wide array of attacks. The firewall is enabled as standard for all domains and subdomains, so there will be nothing you will need to do on your end. You will be able to stop ModSecurity for any Internet site if required, or to enable a detection mode, so all activity will be recorded, but the firewall will not take any real action. You'll be able to view detailed logs using your Hepsia CP including the IP address where the attack originated from, what the attacker planned to do and how ModSecurity dealt with the threat. Since we take the protection of our clients' websites very seriously, we employ a collection of commercial rules that we get from one of the leading companies that maintain this sort of rules. Our administrators also include custom rules to make sure that your Internet sites will be protected against as many risks as possible.

ModSecurity in Semi-dedicated Hosting

All semi-dedicated hosting plans which we offer feature ModSecurity and because the firewall is switched on by default, any Internet site that you build under a domain or a subdomain will be secured straight away. A separate section within the Hepsia Control Panel which comes with the semi-dedicated accounts is devoted to ModSecurity and it shall permit you to start and stop the firewall for any Internet site or activate a detection mode. With the latter, ModSecurity shall not take any action, but it'll still detect possible attacks and shall keep all data within a log as if it were completely active. The logs could be found within the exact same section of the Control Panel and they feature specifics about the IP where an attack came from, what its nature was, what rule ModSecurity applies to identify and stop it, and so forth. The security rules we employ on our servers are a mix of commercial ones from a security business and custom ones made by our system administrators. As a result, we provide greater security for your web applications as we can defend them from attacks before security businesses release updates for completely new threats.

ModSecurity in VPS Web Hosting

ModSecurity is pre-installed on all virtual private servers which are provided with the Hepsia hosting Control Panel, so your web apps will be protected from the second your server is ready. The firewall is switched on by default for any domain or subdomain on the Virtual Private Server, but if needed, you could disable it with a mouse click from the corresponding section of Hepsia. You could also set it to operate in detection mode, so it'll maintain a comprehensive log of any possible attacks without taking any action to prevent them. The logs can be found inside the very same section and include information about the nature of the attack, what IP address it originated from and what ModSecurity rule was activated to stop it. For optimum security, we employ not simply commercial rules from a business operating in the field of web security, but also custom ones that our admins include personally so as to respond to new threats that are still not addressed in the commercial rules.

ModSecurity in Dedicated Servers Hosting

ModSecurity is provided with all dedicated servers which are integrated with our Hepsia CP and you'll not need to do anything specific on your end to use it since it's switched on by default whenever you add a new domain or subdomain on your hosting server. In the event that it disrupts any of your apps, you'll be able to stop it through the respective part of Hepsia, or you may leave it in passive mode, so it will detect attacks and will still maintain a log for them, but shall not block them. You could examine the logs later to determine what you can do to enhance the security of your websites since you shall find information such as where an intrusion attempt originated from, what website was attacked and in accordance with what rule ModSecurity responded, and so on. The rules which we employ are commercial, therefore they're frequently updated by a security firm, but to be on the safe side, our administrators also include custom rules once in a while as to deal with any new threats they have found.