ModSecurity is a highly effective web application layer firewall for Apache web servers. It monitors the whole HTTP traffic to an Internet site without affecting its performance and in case it detects an intrusion attempt, it prevents it. The firewall furthermore keeps a more detailed log for the website visitors than any server does, so you will be able to keep an eye on what is going on with your sites much better than if you rely merely on standard logs. ModSecurity uses security rules based on which it helps prevent attacks. For example, it detects if somebody is attempting to log in to the administrator area of a given script a number of times or if a request is sent to execute a file with a specific command. In these situations these attempts trigger the corresponding rules and the firewall software blocks the attempts right away, then records detailed info about them within its logs. ModSecurity is amongst the best software firewalls available and it can protect your web applications against thousands of threats and vulnerabilities, particularly in case you don’t update them or their plugins frequently.

ModSecurity in Website Hosting

ModSecurity is available on all website hosting machines, so if you decide to host your websites with our organization, they'll be protected against an array of attacks. The firewall is turned on as standard for all domains and subdomains, so there'll be nothing you will have to do on your end. You will be able to stop ModSecurity for any website if necessary, or to enable a detection mode, so all activity will be recorded, but the firewall will not take any real action. You shall be able to view specific logs via your Hepsia CP including the IP where the attack came from, what the attacker wanted to do and how ModSecurity handled the threat. Since we take the protection of our clients' Internet sites very seriously, we employ a collection of commercial rules which we take from one of the top companies which maintain this type of rules. Our administrators also include custom rules to make sure that your sites shall be resistant to as many threats as possible.

ModSecurity in Semi-dedicated Servers

ModSecurity is a part of our semi-dedicated server solutions and if you decide to host your Internet sites with our company, there shall not be anything special you will have to do given that the firewall is switched on by default for all domains and subdomains that you add using your hosting Control Panel. If necessary, you'll be able to disable ModSecurity for a given site or switch on the so-called detection mode in which case the firewall shall still work and record data, but shall not do anything to prevent possible attacks on your Internet sites. In depth logs will be accessible in your CP and you will be able to see which kind of attacks occurred, what security rules were triggered and how the firewall addressed the threats, what Internet protocol addresses the attacks came from, etc. We use 2 types of rules on our servers - commercial ones from a firm that operates in the field of web security, and custom ones which our administrators occasionally include to respond to newly found threats promptly.

ModSecurity in VPS Servers

ModSecurity comes with all Hepsia-based VPS servers that we offer and it will be switched on automatically for any new domain or subdomain that you include on the machine. In this way, any web app which you install will be secured right away without doing anything by hand on your end. The firewall can be handled from the section of the CP that bears the same name. This is the place whereyou'll be able to switch off ModSecurity or activate its passive mode, so it will not take any action towards threats, but will still keep a detailed log. The recorded info is available within the same section as well and you shall be able to see what IPs any attacks came from to enable you to block them, what the nature of the attempted attacks was and based on what security rules ModSecurity responded. The rules that we use on our servers are a blend between commercial ones we obtain from a security company and custom ones that are added by our administrators to enhance the security of any web applications hosted on our end.

ModSecurity in Dedicated Servers

If you choose to host your websites on a dedicated server with the Hepsia CP, your web applications shall be secured right from the start since ModSecurity is supplied with all Hepsia-based solutions. You will be able to manage the firewall with ease and if needed, you will be able to turn it off or switch on its passive mode when it will only maintain a log of what is happening without taking any action to prevent potential attacks. The logs which you will find in the exact same section of the Control Panel are really detailed and contain information about the attacker IP, what website and file were attacked and in what way, what rule the firewall used to prevent the intrusion, and so forth. This info will enable you to take measures and increase the security of your websites even more. To be on the safe side, we employ not only commercial rules, but also custom-made ones which our staff include whenever they detect attacks that have not yet been included inside the commercial pack.