ModSecurity is a potent web app layer firewall for Apache web servers. It monitors the entire HTTP traffic to a site without affecting its operation and in case it identifies an intrusion attempt, it prevents it. The firewall furthermore maintains a more thorough log for the site visitors than any web server does, so you'll manage to monitor what's going on with your sites a lot better than if you rely simply on standard logs. ModSecurity employs security rules based on which it helps prevent attacks. For example, it detects whether somebody is trying to log in to the administrator area of a particular script several times or if a request is sent to execute a file with a specific command. In such situations these attempts trigger the corresponding rules and the software blocks the attempts in real time, after that records detailed details about them in its logs. ModSecurity is amongst the very best software firewalls on the market and it can protect your web apps against thousands of threats and vulnerabilities, especially if you don’t update them or their plugins regularly.

ModSecurity in Cloud Web Hosting

ModSecurity is supplied with all cloud web hosting machines, so if you choose to host your Internet sites with our business, they will be shielded from a wide range of attacks. The firewall is enabled as standard for all domains and subdomains, so there will be nothing you shall need to do on your end. You shall be able to stop ModSecurity for any Internet site if necessary, or to enable a detection mode, so all activity will be recorded, but the firewall shall not take any real action. You will be able to view detailed logs using your Hepsia CP including the IP where the attack originated from, what the attacker wanted to do and how ModSecurity dealt with the threat. As we take the safety of our clients' sites very seriously, we use a collection of commercial rules that we get from one of the top companies which maintain this kind of rules. Our administrators also include custom rules to make sure that your Internet sites shall be protected against as many threats as possible.

ModSecurity in Semi-dedicated Servers

We've included ModSecurity as a standard within all semi-dedicated server plans, so your web applications will be protected as soon as you set them up under any domain or subdomain. The Hepsia CP which comes with the semi-dedicated accounts will permit you to switch on or turn off the firewall for any Internet site with a click. You'll also have the ability to switch on a passive detection mode through which ModSecurity will maintain a log of potential attacks without actually preventing them. The comprehensive logs contain the nature of the attack and what ModSecurity response that attack caused, where it originated from, and so forth. The list of rules we employ is frequently updated in order to match any new risks that may appear on the Internet and it comes with both commercial rules that we get from a security firm and custom-written ones which our admins add if they find a threat that's not present inside the commercial list yet.

ModSecurity in VPS Servers

ModSecurity is included with all Hepsia-based VPS servers that we offer and it shall be activated automatically for any new domain or subdomain which you include on the machine. In this way, any web app which you install shall be protected immediately without doing anything by hand on your end. The firewall can be managed through the section of the CP which has the same name. This is the place in whichyou can disable ModSecurity or activate its passive mode, so it won't take any action against threats, but shall still maintain a thorough log. The recorded data is available inside the same area as well and you shall be able to see what IPs any attacks came from to enable you to block them, what the nature of the attempted attacks was and based on what security rules ModSecurity responded. The rules we use on our servers are a blend between commercial ones which we get from a security firm and custom ones that are added by our admins to enhance the security of any web apps hosted on our end.

ModSecurity in Dedicated Servers

ModSecurity is included with all dedicated servers that are set up with our Hepsia Control Panel and you'll not need to do anything specific on your end to use it as it is turned on by default whenever you add a new domain or subdomain on your hosting server. In case it disrupts any of your apps, you'll be able to stop it through the respective part of Hepsia, or you may leave it in passive mode, so it shall recognize attacks and will still maintain a log for them, but won't prevent them. You'll be able to analyze the logs later to determine what you can do to improve the protection of your Internet sites since you shall find information such as where an intrusion attempt originated from, what site was attacked and based upon what rule ModSecurity responded, etcetera. The rules that we employ are commercial, hence they're frequently updated by a security provider, but to be on the safe side, our administrators also include custom rules occasionally as to deal with any new threats they have found.