ModSecurity is a powerful web app layer firewall for Apache web servers. It monitors the whole HTTP traffic to an Internet site without affecting its performance and when it identifies an intrusion attempt, it prevents it. The firewall additionally maintains a more thorough log for the site visitors than any web server does, so you shall manage to keep an eye on what's going on with your websites better than if you rely merely on standard logs. ModSecurity employs security rules based on which it stops attacks. For instance, it identifies if somebody is attempting to log in to the administration area of a certain script several times or if a request is sent to execute a file with a specific command. In such instances these attempts set off the corresponding rules and the firewall blocks the attempts instantly, then records in-depth details about them within its logs. ModSecurity is among the best software firewalls available and it can protect your web apps against thousands of threats and vulnerabilities, particularly if you don’t update them or their plugins regularly.

ModSecurity in Cloud Hosting

ModSecurity is available on all cloud hosting machines, so when you opt to host your sites with our business, they shall be protected against an array of attacks. The firewall is enabled by default for all domains and subdomains, so there shall be nothing you'll need to do on your end. You'll be able to stop ModSecurity for any Internet site if required, or to switch on a detection mode, so all activity will be recorded, but the firewall will not take any real action. You'll be able to view detailed logs from your Hepsia Control Panel including the IP where the attack originated from, what the attacker planned to do and how ModSecurity dealt with the threat. As we take the protection of our clients' websites seriously, we use a selection of commercial rules that we take from one of the best firms that maintain such rules. Our admins also add custom rules to make sure that your sites will be protected against as many threats as possible.

ModSecurity in Semi-dedicated Servers

Any web application that you set up in your new semi-dedicated server account shall be protected by ModSecurity because the firewall is included with all our hosting solutions and is turned on by default for any domain and subdomain which you add or create through your Hepsia hosting Control Panel. You shall be able to manage ModSecurity through a dedicated area within Hepsia where not simply can you activate or deactivate it fully, but you could also activate a passive mode, so the firewall will not block anything, but it will still maintain an archive of potential attacks. This takes only a click and you shall be able to see the logs regardless of if ModSecurity is in passive or active mode through the same section - what the attack was and where it originated from, how it was dealt with, etcetera. The firewall uses 2 sets of rules on our machines - a commercial one which we get from a third-party web security company and a custom one which our admins update personally in order to respond to newly discovered risks as quickly as possible.

ModSecurity in VPS Servers

All VPS servers which are provided with the Hepsia CP come with ModSecurity. The firewall is installed and switched on by default for all domains which are hosted on the machine, so there shall not be anything special which you'll need to do to protect your Internet sites. It'll take you simply a click to stop ModSecurity if required or to activate its passive mode so that it records what goes on without taking any measures to prevent intrusions. You shall be able to view the logs produced in active or passive mode from the corresponding section of Hepsia and find out more about the type of the attack, where it came from, what rule the firewall employed to handle it, and so on. We employ a mix of commercial and custom rules so as to make certain that ModSecurity shall stop as many threats as possible, therefore enhancing the security of your web applications as much as possible.

ModSecurity in Dedicated Servers

ModSecurity is included with all dedicated servers that are integrated with our Hepsia CP and you won't have to do anything specific on your end to employ it since it's enabled by default whenever you add a new domain or subdomain on your hosting server. If it disrupts any of your applications, you'll be able to stop it through the respective area of Hepsia, or you can leave it operating in passive mode, so it will detect attacks and shall still keep a log for them, but won't block them. You may analyze the logs later to learn what you can do to enhance the safety of your websites since you'll find info such as where an intrusion attempt originated from, what website was attacked and based upon what rule ModSecurity responded, and so on. The rules that we use are commercial, therefore they're regularly updated by a security provider, but to be on the safe side, our staff also add custom rules every now and then as to react to any new threats they have found.