ModSecurity is a potent web application layer firewall for Apache web servers. It monitors the whole HTTP traffic to a site without affecting its operation and when it identifies an intrusion attempt, it blocks it. The firewall additionally maintains a more detailed log for the site visitors than any web server does, so you will be able to monitor what is going on with your Internet sites a lot better than if you rely simply on standard logs. ModSecurity employs security rules based on which it stops attacks. For instance, it detects whether anyone is attempting to log in to the administrator area of a particular script a number of times or if a request is sent to execute a file with a particular command. In such cases these attempts set off the corresponding rules and the firewall software hinders the attempts instantly, after that records in-depth details about them in its logs. ModSecurity is amongst the very best software firewalls on the market and it could easily protect your web apps against many threats and vulnerabilities, particularly in case you don’t update them or their plugins often.

ModSecurity in Website Hosting

ModSecurity is supplied with all website hosting servers, so if you opt to host your websites with our business, they will be protected against an array of attacks. The firewall is enabled by default for all domains and subdomains, so there will be nothing you'll have to do on your end. You'll be able to stop ModSecurity for any Internet site if needed, or to activate a detection mode, so all activity shall be recorded, but the firewall shall not take any real action. You'll be able to view comprehensive logs using your Hepsia CP including the IP where the attack originated from, what the attacker planned to do and how ModSecurity dealt with the threat. As we take the protection of our clients' Internet sites very seriously, we use a set of commercial rules that we get from one of the top companies which maintain such rules. Our administrators also add custom rules to ensure that your sites will be protected against as many risks as possible.

ModSecurity in Semi-dedicated Servers

We have integrated ModSecurity as a standard within all semi-dedicated server plans, so your web applications shall be protected the instant you install them under any domain or subdomain. The Hepsia CP which comes with the semi-dedicated accounts shall permit you to switch on or turn off the firewall for any website with a click. You will also have the ability to activate a passive detection mode with which ModSecurity shall maintain a log of possible attacks without really preventing them. The detailed logs include things like the nature of the attack and what ModSecurity response that attack triggered, where it originated from, etc. The list of rules that we use is frequently updated as to match any new risks which may appear on the Internet and it consists of both commercial rules that we get from a security firm and custom-written ones that our administrators add in case they discover a threat which is not present in the commercial list yet.

ModSecurity in VPS Servers

All VPS servers which are set up with the Hepsia Control Panel include ModSecurity. The firewall is installed and activated by default for all domains which are hosted on the machine, so there won't be anything special which you'll need to do to protect your Internet sites. It will take you a mouse click to stop ModSecurity if necessary or to turn on its passive mode so that it records what occurs without taking any actions to stop intrusions. You shall be able to view the logs generated in passive or active mode via the corresponding section of Hepsia and find out more about the form of the attack, where it came from, what rule the firewall used to deal with it, and so forth. We use a mix of commercial and custom rules so as to make certain that ModSecurity will stop as many risks as possible, therefore improving the protection of your web applications as much as possible.

ModSecurity in Dedicated Servers

All our dedicated servers that are set up with the Hepsia hosting CP feature ModSecurity, so any program which you upload or set up will be properly secured from the very beginning and you will not have to bother about common attacks or vulnerabilities. An independent section in Hepsia will enable you to start or stop the firewall for every domain or subdomain, or turn on a detection mode so that it records information regarding intrusions, but doesn't take actions to prevent them. What you will see in the logs can help you to secure your websites better - the IP address an attack originated from, what website was attacked and how, what ModSecurity rule was triggered, etc. With this data, you can see whether an Internet site needs an update, whether you need to block IPs from accessing your web server, etcetera. In addition to the third-party commercial security rules for ModSecurity that we use, our admins add custom ones as well whenever they discover a new threat that's not yet a part of the commercial bundle.