ModSecurity is a powerful web application layer firewall for Apache web servers. It monitors the entire HTTP traffic to an Internet site without affecting its functionality and in case it discovers an intrusion attempt, it prevents it. The firewall also maintains a more thorough log for the website visitors than any web server does, so you will manage to keep track of what is happening with your Internet sites a lot better than if you rely only on conventional logs. ModSecurity uses security rules based on which it prevents attacks. For instance, it detects whether someone is attempting to log in to the administration area of a particular script multiple times or if a request is sent to execute a file with a particular command. In such circumstances these attempts set off the corresponding rules and the firewall program blocks the attempts in real time, and then records in-depth information about them in its logs. ModSecurity is among the most effective software firewalls available and it can easily protect your web apps against a huge number of threats and vulnerabilities, especially if you don’t update them or their plugins regularly.

ModSecurity in Website Hosting

ModSecurity is supplied with all website hosting servers, so when you decide to host your sites with our firm, they will be shielded from an array of attacks. The firewall is turned on by default for all domains and subdomains, so there will be nothing you shall need to do on your end. You will be able to stop ModSecurity for any site if required, or to switch on a detection mode, so that all activity shall be recorded, but the firewall won't take any real action. You shall be able to view detailed logs via your Hepsia Control Panel including the IP address where the attack originated from, what the attacker planned to do and how ModSecurity dealt with the threat. As we take the safety of our clients' Internet sites seriously, we employ a group of commercial rules that we take from one of the best companies which maintain this type of rules. Our admins also include custom rules to make certain that your sites shall be protected against as many risks as possible.

ModSecurity in Semi-dedicated Servers

ModSecurity is a part of our semi-dedicated server packages and if you decide to host your sites with us, there won't be anything special you'll need to do as the firewall is switched on by default for all domains and subdomains which you add via your hosting CP. If needed, you'll be able to disable ModSecurity for a given Internet site or activate the so-called detection mode in which case the firewall will still operate and record information, but will not do anything to prevent potential attacks against your sites. Detailed logs shall be readily available in your Control Panel and you shall be able to see what sort of attacks took place, what security rules were triggered and how the firewall dealt with the threats, what IP addresses the attacks came from, etc. We use 2 kinds of rules on our servers - commercial ones from a firm that operates in the field of web security, and custom made ones that our administrators occasionally add to respond to newly discovered risks in a timely manner.

ModSecurity in VPS Servers

ModSecurity comes with all Hepsia-based VPS servers that we offer and it will be switched on automatically for any new domain or subdomain you include on the web server. This way, any web app that you install will be secured right from the start without doing anything personally on your end. The firewall may be handled through the section of the Control Panel which has the same name. This is the place in whichyou'll be able to disable ModSecurity or let its passive mode, so it will not take any action toward threats, but will still keep a thorough log. The recorded information is available within the same section as well and you shall be able to see what IPs any attacks came from so that you can stop them, what the nature of the attempted attacks was and based upon what security rules ModSecurity reacted. The rules we employ on our servers are a mix between commercial ones we get from a security firm and custom ones that are added by our admins to enhance the security of any web apps hosted on our end.

ModSecurity in Dedicated Servers

If you opt to host your sites on a dedicated server with the Hepsia Control Panel, your web programs shall be protected right from the start because ModSecurity is available with all Hepsia-based packages. You shall be able to control the firewall easily and if required, you shall be able to turn it off or switch on its passive mode when it'll only maintain a log of what is taking place without taking any action to stop possible attacks. The logs which you'll find within the very same section of the Control Panel are very detailed and feature info about the attacker IP, what website and file were attacked and in what ways, what rule the firewall used to stop the intrusion, etcetera. This data shall allow you to take measures and increase the protection of your Internet sites even more. To be on the safe side, we use not only commercial rules, but also custom-made ones that our administrators include when they identify attacks that haven't yet been included inside the commercial pack.