ModSecurity is a potent web app layer firewall for Apache web servers. It monitors the entire HTTP traffic to a website without affecting its overall performance and when it discovers an intrusion attempt, it prevents it. The firewall also keeps a more comprehensive log for the site visitors than any server does, so you'll manage to keep an eye on what is happening with your Internet sites much better than if you rely only on standard logs. ModSecurity uses security rules based on which it prevents attacks. For example, it recognizes whether anyone is attempting to log in to the administrator area of a particular script a number of times or if a request is sent to execute a file with a specific command. In these circumstances these attempts trigger the corresponding rules and the software hinders the attempts instantly, after that records in-depth information about them within its logs. ModSecurity is one of the very best software firewalls on the market and it could easily protect your web applications against many threats and vulnerabilities, particularly in case you don’t update them or their plugins regularly.

ModSecurity in Cloud Website Hosting

ModSecurity is offered with every single cloud website hosting solution that we offer and it is turned on by default for every domain or subdomain that you add via your Hepsia CP. In the event that it interferes with any of your apps or you'd like to disable it for any reason, you'll be able to do that through the ModSecurity area of Hepsia with only a click. You could also enable a passive mode, so the firewall will recognize possible attacks and keep a log, but will not take any action. You can view detailed logs in the exact same section, including the IP where the attack originated from, exactly what the attacker attempted to do and at what time, what ModSecurity did, and so on. For optimum security of our clients we use a set of commercial firewall rules mixed with custom ones that are added by our system admins.

ModSecurity in Semi-dedicated Hosting

We've integrated ModSecurity by default in all semi-dedicated hosting plans, so your web applications will be protected whenever you set them up under any domain or subdomain. The Hepsia CP that is included with the semi-dedicated accounts shall permit you to switch on or disable the firewall for any site with a mouse click. You shall also be able to switch on a passive detection mode through which ModSecurity will keep a log of potential attacks without really stopping them. The thorough logs include things like the nature of the attack and what ModSecurity response this attack triggered, where it came from, and so on. The list of rules we employ is regularly updated as to match any new threats that may appear on the Internet and it consists of both commercial rules that we get from a security corporation and custom-written ones which our admins add in the event that they find a threat that is not present within the commercial list yet.

ModSecurity in Dedicated Hosting

When you decide to host your websites on a dedicated server with the Hepsia Control Panel, your web applications shall be protected right away since ModSecurity is supplied with all Hepsia-based packages. You shall be able to manage the firewall with ease and if required, you will be able to turn it off or activate its passive mode when it shall only maintain a log of what is taking place without taking any action to prevent possible attacks. The logs that you can find inside the same section of the Control Panel are extremely detailed and feature details about the attacker IP, what site and file were attacked and in what way, what rule the firewall used to stop the intrusion, and so forth. This information will permit you to take measures and increase the security of your Internet sites even more. To be on the safe side, we use not only commercial rules, but also custom-made ones which our admins add whenever they identify attacks which haven't yet been included in the commercial pack.