ModSecurity is a potent web app layer firewall for Apache web servers. It monitors the whole HTTP traffic to an Internet site without affecting its functionality and in case it detects an intrusion attempt, it prevents it. The firewall furthermore keeps a more comprehensive log for the site visitors than any web server does, so you'll manage to keep track of what's happening with your Internet sites much better than if you rely only on standard logs. ModSecurity uses security rules based on which it prevents attacks. For example, it recognizes whether anyone is trying to log in to the administrator area of a given script several times or if a request is sent to execute a file with a certain command. In such situations these attempts trigger the corresponding rules and the firewall program hinders the attempts in real time, and then records comprehensive info about them in its logs. ModSecurity is one of the best software firewalls available and it could easily protect your web apps against a large number of threats and vulnerabilities, particularly if you don’t update them or their plugins regularly.

ModSecurity in Cloud Website Hosting

ModSecurity is provided with all cloud website hosting servers, so if you choose to host your websites with our business, they shall be resistant to a wide range of attacks. The firewall is turned on by default for all domains and subdomains, so there'll be nothing you'll have to do on your end. You will be able to stop ModSecurity for any Internet site if required, or to enable a detection mode, so that all activity shall be recorded, but the firewall shall not take any real action. You will be able to view comprehensive logs using your Hepsia CP including the IP where the attack originated from, what the attacker wanted to do and how ModSecurity handled the threat. Since we take the protection of our clients' Internet sites very seriously, we employ a group of commercial rules that we get from one of the leading companies that maintain this type of rules. Our administrators also include custom rules to make sure that your websites will be resistant to as many risks as possible.

ModSecurity in Semi-dedicated Hosting

ModSecurity is a part of our semi-dedicated hosting solutions and if you choose to host your sites with us, there won't be anything special you will have to do as the firewall is activated by default for all domains and subdomains that you include via your hosting Control Panel. If needed, you could disable ModSecurity for a particular Internet site or turn on the so-called detection mode in which case the firewall shall still operate and record information, but shall not do anything to prevent potential attacks against your Internet sites. Thorough logs shall be accessible inside your Control Panel and you will be able to see what type of attacks happened, what security rules were triggered and how the firewall handled the threats, what IP addresses the attacks came from, and so forth. We employ 2 sorts of rules on our servers - commercial ones from a business which operates in the field of web security, and customized ones which our administrators often include to respond to newly found risks promptly.

ModSecurity in VPS Hosting

ModSecurity is provided with all Hepsia-based virtual private servers we offer and it will be turned on automatically for every new domain or subdomain you add on the hosting server. In this way, any web application you install shall be protected right from the start without doing anything manually on your end. The firewall may be handled from the section of the CP that bears the same name. This is the location whereyou can disable ModSecurity or activate its passive mode, so it won't take any action toward threats, but shall still keep a comprehensive log. The recorded data is available within the same area as well and you will be able to see what IPs any attacks originated from so that you can block them, what the nature of the attempted attacks was and based on what security rules ModSecurity responded. The rules that we employ on our servers are a combination between commercial ones we obtain from a security company and custom ones that are included by our admins to enhance the security of any web apps hosted on our end.

ModSecurity in Dedicated Web Hosting

All our dedicated servers which are set up with the Hepsia hosting CP include ModSecurity, so any application you upload or set up shall be protected from the very beginning and you'll not need to bother about common attacks or vulnerabilities. A separate section in Hepsia will permit you to start or stop the firewall for every domain or subdomain, or turn on a detection mode so that it records information regarding intrusions, but doesn't take actions to stop them. What you'll discover in the logs shall allow you to to secure your sites better - the IP an attack originated from, what website was attacked and in what way, what ModSecurity rule was triggered, etc. With this info, you'll be able to see if a website needs an update, whether you ought to block IPs from accessing your web server, and so forth. Besides the third-party commercial security rules for ModSecurity we use, our administrators include custom ones too whenever they come across a new threat that is not yet a part of the commercial bundle.