ModSecurity is a potent web app layer firewall for Apache web servers. It monitors the whole HTTP traffic to a site without affecting its performance and if it detects an intrusion attempt, it prevents it. The firewall furthermore keeps a more comprehensive log for the website visitors than any server does, so you'll manage to monitor what is going on with your Internet sites much better than if you rely merely on standard logs. ModSecurity uses security rules based on which it prevents attacks. For instance, it recognizes if anyone is trying to log in to the admin area of a particular script a number of times or if a request is sent to execute a file with a certain command. In such situations these attempts trigger the corresponding rules and the firewall program blocks the attempts immediately, and then records comprehensive information about them inside its logs. ModSecurity is one of the best software firewalls available and it can easily protect your web applications against a huge number of threats and vulnerabilities, especially if you don’t update them or their plugins often.

ModSecurity in Cloud Web Hosting

ModSecurity is provided with all cloud web hosting servers, so when you opt to host your websites with our business, they'll be protected against a wide range of attacks. The firewall is turned on as standard for all domains and subdomains, so there shall be nothing you will have to do on your end. You will be able to stop ModSecurity for any website if necessary, or to switch on a detection mode, so that all activity shall be recorded, but the firewall shall not take any real action. You'll be able to view specific logs through your Hepsia CP including the IP address where the attack originated from, what the attacker wanted to do and how ModSecurity handled the threat. As we take the safety of our clients' sites very seriously, we use a group of commercial rules which we take from one of the best firms that maintain this type of rules. Our admins also add custom rules to make certain that your sites shall be resistant to as many risks as possible.

ModSecurity in Semi-dedicated Servers

All semi-dedicated server plans which we offer include ModSecurity and since the firewall is turned on by default, any site that you set up under a domain or a subdomain shall be protected straight away. An independent section within the Hepsia CP that comes with the semi-dedicated accounts is devoted to ModSecurity and it will allow you to start and stop the firewall for any Internet site or activate a detection mode. With the last option, ModSecurity shall not take any action, but it will still identify possible attacks and shall keep all info within a log as if it were 100% active. The logs can be found within the very same section of the CP and they offer information about the IP where an attack came from, what its nature was, what rule ModSecurity applies to recognize and stop it, etc. The security rules that we employ on our machines are a mix between commercial ones from a security firm and custom ones developed by our system administrators. Therefore, we provide greater security for your web applications as we can shield them from attacks before security companies release updates for new threats.

ModSecurity in VPS Servers

ModSecurity comes with all Hepsia-based VPS servers which we offer and it will be switched on automatically for every new domain or subdomain which you include on the server. In this way, any web application which you install shall be protected immediately without doing anything by hand on your end. The firewall can be handled via the section of the CP that has the same name. This is the place whereyou could switch off ModSecurity or activate its passive mode, so it shall not take any action towards threats, but shall still maintain a thorough log. The recorded data is available in the same area as well and you will be able to see what IPs any attacks originated from so that you can stop them, what the nature of the attempted attacks was and in accordance with what security rules ModSecurity responded. The rules that we employ on our servers are a mixture between commercial ones that we get from a security organization and custom ones that are added by our admins to improve the protection of any web apps hosted on our end.

ModSecurity in Dedicated Servers

When you choose to host your sites on a dedicated server with the Hepsia CP, your web programs shall be secured right away because ModSecurity is provided with all Hepsia-based solutions. You will be able to regulate the firewall easily and if needed, you'll be able to turn it off or switch on its passive mode when it shall only maintain a log of what is going on without taking any action to stop possible attacks. The logs which you can find inside the same section of the Control Panel are really detailed and include details about the attacker IP address, what website and file were attacked and in what way, what rule the firewall employed to stop the intrusion, and so forth. This data shall allow you to take measures and improve the protection of your websites even more. To be on the safe side, we employ not just commercial rules, but also custom-made ones that our administrators add every time they identify attacks that haven't yet been included inside the commercial pack.