ModSecurity is a highly effective web app layer firewall for Apache web servers. It monitors the whole HTTP traffic to an Internet site without affecting its overall performance and in case it detects an intrusion attempt, it blocks it. The firewall furthermore keeps a more thorough log for the traffic than any server does, so you shall be able to keep an eye on what's happening with your websites much better than if you rely merely on conventional logs. ModSecurity uses security rules based on which it prevents attacks. For example, it detects whether someone is trying to log in to the administration area of a specific script a number of times or if a request is sent to execute a file with a certain command. In such circumstances these attempts trigger the corresponding rules and the software hinders the attempts right away, after that records in-depth info about them inside its logs. ModSecurity is among the very best software firewalls out there and it can easily protect your web apps against a huge number of threats and vulnerabilities, especially if you don’t update them or their plugins regularly.

ModSecurity in Cloud Hosting

We provide ModSecurity with all cloud hosting solutions, so your web applications will be resistant to malicious attacks. The firewall is activated by default for all domains and subdomains, but if you'd like, you'll be able to stop it through the respective section of your Hepsia CP. You could also switch on a detection mode, so ModSecurity shall keep a log as intended, but won't take any action. The logs that you shall find inside Hepsia are extremely detailed and offer information about the nature of any attack, when it transpired and from what IP, the firewall rule that was triggered, and so on. We employ a group of commercial rules which are frequently updated, but sometimes our administrators add custom rules as well so as to better protect the Internet sites hosted on our servers.

ModSecurity in Semi-dedicated Servers

ModSecurity is a part of our semi-dedicated server packages and if you decide to host your websites with our company, there will not be anything special you'll need to do as the firewall is turned on by default for all domains and subdomains that you add through your hosting CP. If necessary, you could disable ModSecurity for a certain site or switch on the so-called detection mode in which case the firewall will still work and record data, but shall not do anything to stop potential attacks on your Internet sites. In depth logs shall be readily available in your Control Panel and you shall be able to see which kind of attacks occurred, what security rules were triggered and how the firewall addressed the threats, what Internet protocol addresses the attacks came from, and so forth. We use two types of rules on our servers - commercial ones from a firm which operates in the field of web security, and custom made ones that our administrators occasionally include to respond to newly found threats promptly.

ModSecurity in VPS Servers

All VPS servers which are provided with the Hepsia Control Panel include ModSecurity. The firewall is set up and activated by default for all domains which are hosted on the server, so there shall not be anything special which you shall have to do to protect your sites. It'll take you simply a mouse click to stop ModSecurity if required or to activate its passive mode so that it records what occurs without taking any steps to stop intrusions. You'll be able to view the logs generated in active or passive mode via the corresponding section of Hepsia and discover more about the form of the attack, where it originated from, what rule the firewall employed to take care of it, etc. We use a mixture of commercial and custom rules so as to ensure that ModSecurity shall block as many risks as possible, hence enhancing the protection of your web apps as much as possible.

ModSecurity in Dedicated Servers

When you choose to host your Internet sites on a dedicated server with the Hepsia Control Panel, your web apps will be protected right away since ModSecurity is provided with all Hepsia-based plans. You'll be able to control the firewall with ease and if needed, you will be able to turn it off or activate its passive mode when it will only keep a log of what is happening without taking any action to stop possible attacks. The logs which you'll find within the exact same section of the CP are very detailed and include info about the attacker IP, what site and file were attacked and in what ways, what rule the firewall employed to prevent the intrusion, etcetera. This info shall enable you to take measures and increase the security of your sites even more. To be on the safe side, we use not just commercial rules, but also custom-made ones that our staff add when they identify attacks which haven't yet been included within the commercial pack.