ModSecurity is a highly effective web app layer firewall for Apache web servers. It monitors the whole HTTP traffic to a site without affecting its operation and when it discovers an intrusion attempt, it prevents it. The firewall furthermore maintains a more comprehensive log for the traffic than any web server does, so you will manage to monitor what's happening with your Internet sites a lot better than if you rely only on conventional logs. ModSecurity employs security rules based on which it helps prevent attacks. For instance, it recognizes if anyone is trying to log in to the administrator area of a particular script multiple times or if a request is sent to execute a file with a specific command. In these cases these attempts trigger the corresponding rules and the firewall program blocks the attempts instantly, after that records in-depth info about them in its logs. ModSecurity is one of the very best software firewalls on the market and it could easily protect your web applications against a large number of threats and vulnerabilities, particularly if you don’t update them or their plugins frequently.

ModSecurity in Cloud Hosting

ModSecurity is provided with all cloud hosting machines, so if you opt to host your Internet sites with our firm, they will be resistant to a wide range of attacks. The firewall is enabled by default for all domains and subdomains, so there'll be nothing you shall need to do on your end. You'll be able to stop ModSecurity for any site if necessary, or to switch on a detection mode, so all activity shall be recorded, but the firewall shall not take any real action. You will be able to view comprehensive logs through your Hepsia Control Panel including the IP address where the attack originated from, what the attacker wished to do and how ModSecurity handled the threat. Since we take the security of our customers' sites very seriously, we use a group of commercial rules which we take from one of the leading firms that maintain such rules. Our administrators also add custom rules to make sure that your Internet sites shall be resistant to as many threats as possible.

ModSecurity in Semi-dedicated Hosting

We have integrated ModSecurity by default within all semi-dedicated hosting packages, so your web applications shall be protected as soon as you install them under any domain or subdomain. The Hepsia CP that comes with the semi-dedicated accounts shall allow you to activate or turn off the firewall for any website with a mouse click. You'll also have the ability to turn on a passive detection mode through which ModSecurity shall keep a log of possible attacks without actually preventing them. The detailed logs include the nature of the attack and what ModSecurity response that attack triggered, where it originated from, and so on. The list of rules which we use is regularly updated in order to match any new risks which could appear on the Internet and it features both commercial rules that we get from a security company and custom-written ones that our admins include in case they find a threat that's not present within the commercial list yet.

ModSecurity in VPS Hosting

ModSecurity is pre-installed on all virtual private servers which are provided with the Hepsia hosting CP, so your web apps will be secured from the instant your server is ready. The firewall is activated by default for any domain or subdomain on the VPS, but if necessary, you can disable it with a click of your mouse via the corresponding section of Hepsia. You can also set it to work in detection mode, so it shall keep a comprehensive log of any possible attacks without taking any action to prevent them. The logs can be found inside the very same section and include information about the nature of the attack, what IP address it came from and what ModSecurity rule was activated to stop it. For best security, we use not simply commercial rules from a company working in the field of web security, but also custom ones which our admins include personally in order to respond to new risks which are still not dealt with in the commercial rules.

ModSecurity in Dedicated Web Hosting

ModSecurity comes with all dedicated servers that are integrated with our Hepsia CP and you will not have to do anything specific on your end to employ it as it's turned on by default whenever you include a new domain or subdomain on your hosting server. In the event that it interferes with some of your apps, you'll be able to stop it through the respective section of Hepsia, or you may leave it operating in passive mode, so it shall detect attacks and will still keep a log for them, but shall not stop them. You can analyze the logs later to find out what you can do to increase the security of your sites as you'll find info such as where an intrusion attempt originated from, what site was attacked and based on what rule ModSecurity responded, and so on. The rules we employ are commercial, thus they are regularly updated by a security provider, but to be on the safe side, our admins also include custom rules once in a while in order to respond to any new threats they have identified.