ModSecurity is a highly effective web app layer firewall for Apache web servers. It monitors the whole HTTP traffic to a website without affecting its operation and in case it identifies an intrusion attempt, it prevents it. The firewall also keeps a more thorough log for the website visitors than any server does, so you shall manage to keep an eye on what's happening with your Internet sites better than if you rely merely on conventional logs. ModSecurity uses security rules based on which it prevents attacks. For example, it identifies if anyone is attempting to log in to the admin area of a particular script multiple times or if a request is sent to execute a file with a certain command. In such cases these attempts set off the corresponding rules and the software hinders the attempts instantly, then records comprehensive details about them within its logs. ModSecurity is among the best software firewalls on the market and it could easily protect your web applications against a huge number of threats and vulnerabilities, particularly if you don’t update them or their plugins frequently.

ModSecurity in Cloud Hosting

We provide ModSecurity with all cloud hosting plans, so your Internet applications shall be resistant to harmful attacks. The firewall is switched on by default for all domains and subdomains, but in case you would like, you'll be able to stop it via the respective area of your Hepsia CP. You'll be able to also activate a detection mode, so ModSecurity will keep a log as intended, but shall not take any action. The logs which you'll discover in Hepsia are incredibly detailed and offer info about the nature of any attack, when it occurred and from what IP address, the firewall rule that was triggered, and so on. We employ a range of commercial rules which are often updated, but sometimes our admins include custom rules as well in order to better protect the Internet sites hosted on our machines.

ModSecurity in Semi-dedicated Servers

We have integrated ModSecurity by default within all semi-dedicated server packages, so your web applications shall be protected whenever you set them up under any domain or subdomain. The Hepsia Control Panel that is included with the semi-dedicated accounts will permit you to switch on or disable the firewall for any Internet site with a click. You will also be able to activate a passive detection mode with which ModSecurity shall keep a log of possible attacks without really stopping them. The detailed logs include the nature of the attack and what ModSecurity response this attack generated, where it originated from, and so forth. The list of rules which we use is regularly updated in order to match any new threats which could appear on the Internet and it comes with both commercial rules that we get from a security company and custom-written ones which our administrators add in case they find a threat which is not present in the commercial list yet.

ModSecurity in VPS Servers

ModSecurity is provided with all Hepsia-based VPS servers that we offer and it'll be switched on automatically for every new domain or subdomain that you include on the server. That way, any web app you install shall be secured immediately without doing anything personally on your end. The firewall can be handled through the section of the CP that has the same name. This is the area whereyou'll be able to turn off ModSecurity or activate its passive mode, so it won't take any action toward threats, but will still keep a thorough log. The recorded information is available inside the same area as well and you'll be able to see what IPs any attacks originated from so that you stop them, what the nature of the attempted attacks was and in accordance with what security rules ModSecurity reacted. The rules that we employ on our servers are a mix between commercial ones that we obtain from a security company and custom ones which are added by our admins to optimize the protection of any web apps hosted on our end.

ModSecurity in Dedicated Servers

When you choose to host your websites on a dedicated server with the Hepsia CP, your web applications shall be protected straight away because ModSecurity is supplied with all Hepsia-based packages. You will be able to regulate the firewall without difficulty and if necessary, you will be able to turn it off or switch on its passive mode when it'll only keep a log of what's occurring without taking any action to prevent potential attacks. The logs that you can find inside the very same section of the Control Panel are very detailed and include data about the attacker IP address, what site and file were attacked and in what way, what rule the firewall used to stop the intrusion, and so on. This information will allow you to take measures and increase the protection of your Internet sites even more. To be on the safe side, we employ not only commercial rules, but also custom-made ones that our admins include whenever they detect attacks that have not yet been included inside the commercial pack.