ModSecurity is a powerful web application layer firewall for Apache web servers. It monitors the entire HTTP traffic to an Internet site without affecting its overall performance and if it discovers an intrusion attempt, it prevents it. The firewall furthermore maintains a more comprehensive log for the traffic than any web server does, so you'll manage to keep an eye on what is going on with your Internet sites better than if you rely simply on standard logs. ModSecurity employs security rules based on which it prevents attacks. For instance, it detects whether someone is attempting to log in to the administration area of a particular script multiple times or if a request is sent to execute a file with a specific command. In such situations these attempts set off the corresponding rules and the software hinders the attempts instantly, and then records comprehensive information about them within its logs. ModSecurity is amongst the most effective software firewalls on the market and it could easily protect your web apps against a large number of threats and vulnerabilities, particularly in case you don’t update them or their plugins often.

ModSecurity in Cloud Web Hosting

We provide ModSecurity with all cloud web hosting solutions, so your Internet applications shall be resistant to harmful attacks. The firewall is activated as standard for all domains and subdomains, but in case you'd like, you'll be able to stop it through the respective section of your Hepsia CP. You'll be able to also switch on a detection mode, so ModSecurity shall keep a log as intended, but shall not take any action. The logs which you'll discover in Hepsia are incredibly detailed and feature data about the nature of any attack, when it took place and from what IP, the firewall rule that was triggered, and so on. We employ a set of commercial rules that are frequently updated, but sometimes our admins add custom rules as well so as to efficiently protect the websites hosted on our machines.

ModSecurity in Semi-dedicated Hosting

We've incorporated ModSecurity by default within all semi-dedicated hosting packages, so your web apps shall be protected whenever you set them up under any domain or subdomain. The Hepsia Control Panel that comes with the semi-dedicated accounts shall allow you to enable or turn off the firewall for any site with a mouse click. You shall also have the ability to switch on a passive detection mode through which ModSecurity shall maintain a log of possible attacks without really stopping them. The thorough logs include the nature of the attack and what ModSecurity response that attack triggered, where it originated from, and so on. The list of rules that we use is constantly updated in order to match any new threats which may appear on the Internet and it features both commercial rules that we get from a security corporation and custom-written ones which our admins add in case they find a threat which is not present inside the commercial list yet.

ModSecurity in VPS Web Hosting

ModSecurity comes with all Hepsia-based virtual private servers that we offer and it will be activated automatically for any new domain or subdomain which you include on the server. In this way, any web app that you install shall be protected right from the start without doing anything personally on your end. The firewall can be handled via the section of the CP that bears the same name. This is the location in whichyou could disable ModSecurity or let its passive mode, so it won't take any action against threats, but will still keep a comprehensive log. The recorded information is available inside the same area as well and you shall be able to see what IPs any attacks came from so that you can stop them, what the nature of the attempted attacks was and in accordance with what security rules ModSecurity reacted. The rules we use on our servers are a combination between commercial ones that we get from a security organization and custom ones that are added by our staff to enhance the security of any web applications hosted on our end.

ModSecurity in Dedicated Servers Hosting

ModSecurity is provided with all dedicated servers which are integrated with our Hepsia Control Panel and you'll not have to do anything specific on your end to employ it as it is enabled by default whenever you include a new domain or subdomain on your web server. If it interferes with some of your programs, you shall be able to stop it through the respective area of Hepsia, or you could leave it in passive mode, so it'll recognize attacks and will still maintain a log for them, but shall not stop them. You may analyze the logs later to find out what you can do to increase the security of your Internet sites since you'll find info such as where an intrusion attempt originated from, what site was attacked and based on what rule ModSecurity responded, and so forth. The rules we employ are commercial, thus they're constantly updated by a security provider, but to be on the safe side, our staff also include custom rules occasionally as to react to any new threats they have discovered.