ModSecurity is a potent web application layer firewall for Apache web servers. It monitors the entire HTTP traffic to a site without affecting its performance and when it identifies an intrusion attempt, it prevents it. The firewall also maintains a more comprehensive log for the website visitors than any server does, so you shall manage to keep track of what's happening with your sites better than if you rely only on standard logs. ModSecurity works with security rules based on which it helps prevent attacks. For example, it recognizes whether anyone is attempting to log in to the admin area of a given script several times or if a request is sent to execute a file with a certain command. In these circumstances these attempts trigger the corresponding rules and the firewall hinders the attempts right away, after that records comprehensive info about them inside its logs. ModSecurity is among the very best software firewalls on the market and it can easily protect your web apps against a large number of threats and vulnerabilities, especially in case you don’t update them or their plugins often.

ModSecurity in Hosting

ModSecurity is provided with all hosting machines, so when you choose to host your sites with our organization, they'll be shielded from a wide range of attacks. The firewall is turned on by default for all domains and subdomains, so there shall be nothing you shall have to do on your end. You'll be able to stop ModSecurity for any site if required, or to activate a detection mode, so that all activity shall be recorded, but the firewall will not take any real action. You shall be able to view comprehensive logs via your Hepsia CP including the IP where the attack originated from, what the attacker wanted to do and how ModSecurity dealt with the threat. Since we take the protection of our customers' websites seriously, we employ a collection of commercial rules that we take from one of the leading companies that maintain such rules. Our administrators also add custom rules to make sure that your websites will be shielded from as many risks as possible.

ModSecurity in Semi-dedicated Servers

ModSecurity is a part of our semi-dedicated server plans and if you opt to host your sites with our company, there will not be anything special you'll need to do given that the firewall is activated by default for all domains and subdomains you add via your hosting Control Panel. If needed, you can disable ModSecurity for a certain website or activate the so-called detection mode in which case the firewall will still work and record info, but won't do anything to stop potential attacks against your Internet sites. Comprehensive logs shall be accessible within your CP and you'll be able to see which kind of attacks took place, what security rules were triggered and how the firewall handled the threats, what Internet protocol addresses the attacks came from, etc. We employ 2 types of rules on our servers - commercial ones from a firm that operates in the field of web security, and customized ones which our admins often add to respond to newly discovered threats promptly.

ModSecurity in VPS Servers

All VPS servers that are offered with the Hepsia Control Panel feature ModSecurity. The firewall is installed and activated by default for all domains that are hosted on the machine, so there shall not be anything special that you'll have to do to protect your Internet sites. It'll take you a mouse click to stop ModSecurity if needed or to switch on its passive mode so that it records what happens without taking any measures to stop intrusions. You'll be able to view the logs created in passive or active mode through the corresponding section of Hepsia and find out more about the form of the attack, where it came from, what rule the firewall employed to deal with it, etc. We employ a mixture of commercial and custom rules so as to make sure that ModSecurity will block out as many risks as possible, hence boosting the security of your web applications as much as possible.

ModSecurity in Dedicated Servers

If you opt to host your websites on a dedicated server with the Hepsia Control Panel, your web apps shall be secured right from the start since ModSecurity is provided with all Hepsia-based packages. You will be able to manage the firewall effortlessly and if required, you will be able to turn it off or enable its passive mode when it will only maintain a log of what is happening without taking any action to stop potential attacks. The logs that you can find within the exact same section of the Control Panel are quite detailed and contain info about the attacker IP, what website and file were attacked and in what ways, what rule the firewall used to prevent the intrusion, and so on. This info will allow you to take measures and enhance the protection of your sites even more. To be on the safe side, we employ not just commercial rules, but also custom-made ones which our administrators include when they detect attacks which haven't yet been included within the commercial pack.