ModSecurity is a potent web application layer firewall for Apache web servers. It monitors the entire HTTP traffic to an Internet site without affecting its overall performance and in case it identifies an intrusion attempt, it blocks it. The firewall additionally keeps a more comprehensive log for the traffic than any server does, so you'll manage to keep track of what is happening with your sites a lot better than if you rely simply on conventional logs. ModSecurity works with security rules based on which it prevents attacks. For instance, it recognizes if somebody is attempting to log in to the administrator area of a certain script multiple times or if a request is sent to execute a file with a specific command. In these instances these attempts set off the corresponding rules and the firewall blocks the attempts right away, and then records comprehensive information about them in its logs. ModSecurity is amongst the best software firewalls out there and it could easily protect your web applications against thousands of threats and vulnerabilities, particularly in case you don’t update them or their plugins often.

ModSecurity in Hosting

ModSecurity is available on all hosting web servers, so when you choose to host your sites with our company, they shall be protected against a wide range of attacks. The firewall is turned on by default for all domains and subdomains, so there shall be nothing you shall need to do on your end. You will be able to stop ModSecurity for any Internet site if necessary, or to activate a detection mode, so that all activity will be recorded, but the firewall won't take any real action. You shall be able to view specific logs via your Hepsia CP including the IP address where the attack originated from, what the attacker wanted to do and how ModSecurity addressed the threat. Since we take the protection of our customers' Internet sites very seriously, we use a group of commercial rules that we get from one of the top companies that maintain this sort of rules. Our administrators also add custom rules to make sure that your sites shall be resistant to as many threats as possible.

ModSecurity in Semi-dedicated Hosting

We have included ModSecurity as a standard in all semi-dedicated hosting packages, so your web apps shall be protected as soon as you install them under any domain or subdomain. The Hepsia Control Panel which is included with the semi-dedicated accounts will allow you to enable or turn off the firewall for any site with a click. You shall also be able to switch on a passive detection mode through which ModSecurity will keep a log of possible attacks without actually preventing them. The thorough logs include the nature of the attack and what ModSecurity response this attack triggered, where it came from, and so on. The list of rules we employ is frequently updated in order to match any new threats which might appear on the Internet and it comes with both commercial rules that we get from a security business and custom-written ones which our administrators include in the event that they discover a threat which is not present in the commercial list yet.

ModSecurity in VPS

ModSecurity is pre-installed on all virtual private servers that are provided with the Hepsia hosting Control Panel, so your web programs shall be protected from the instant your server is in a position. The firewall is switched on by default for any domain or subdomain on the VPS, but if necessary, you can deactivate it with a click of your mouse via the corresponding section of Hepsia. You could also set it to work in detection mode, so it'll maintain a detailed log of any potential attacks without taking any action to prevent them. The logs can be found within the exact same section and provide information regarding the nature of the attack, what IP it originated from and what ModSecurity rule was initiated to stop it. For maximum security, we use not simply commercial rules from a company operating in the field of web security, but also custom ones that our administrators include manually in order to react to new risks which are still not tackled in the commercial rules.

ModSecurity in Dedicated Hosting

When you opt to host your sites on a dedicated server with the Hepsia Control Panel, your web applications will be protected right away because ModSecurity is supplied with all Hepsia-based packages. You will be able to regulate the firewall with ease and if needed, you shall be able to turn it off or activate its passive mode when it will only keep a log of what's taking place without taking any action to prevent potential attacks. The logs that you can find inside the very same section of the CP are extremely detailed and feature info about the attacker IP address, what site and file were attacked and in what ways, what rule the firewall used to prevent the intrusion, and so forth. This info will permit you to take measures and enhance the protection of your websites even more. To be on the safe side, we use not just commercial rules, but also custom-made ones that our staff add whenever they identify attacks which haven't yet been included in the commercial pack.