ModSecurity is a powerful web app layer firewall for Apache web servers. It monitors the entire HTTP traffic to a website without affecting its performance and if it discovers an intrusion attempt, it prevents it. The firewall additionally keeps a more comprehensive log for the site visitors than any web server does, so you shall be able to monitor what's happening with your websites much better than if you rely only on conventional logs. ModSecurity works with security rules based on which it helps prevent attacks. For example, it detects if somebody is attempting to log in to the administration area of a certain script multiple times or if a request is sent to execute a file with a certain command. In these circumstances these attempts trigger the corresponding rules and the software hinders the attempts right away, then records detailed details about them in its logs. ModSecurity is amongst the very best software firewalls on the market and it can easily protect your web applications against thousands of threats and vulnerabilities, particularly in case you don’t update them or their plugins regularly.

ModSecurity in Cloud Hosting

We provide ModSecurity with all cloud hosting solutions, so your Internet applications will be shielded from harmful attacks. The firewall is switched on by default for all domains and subdomains, but in case you'd like, you will be able to stop it via the respective part of your Hepsia Control Panel. You'll be able to also activate a detection mode, so ModSecurity shall keep a log as intended, but will not take any action. The logs which you'll discover within Hepsia are quite detailed and feature information about the nature of any attack, when it transpired and from what IP, the firewall rule that was triggered, and so forth. We employ a group of commercial rules which are frequently updated, but sometimes our administrators include custom rules as well so as to efficiently protect the Internet sites hosted on our machines.

ModSecurity in Semi-dedicated Hosting

We have incorporated ModSecurity as a standard in all semi-dedicated hosting packages, so your web applications shall be protected the instant you install them under any domain or subdomain. The Hepsia CP that is included with the semi-dedicated accounts will permit you to enable or turn off the firewall for any website with a click. You shall also have the ability to turn on a passive detection mode in which ModSecurity shall maintain a log of potential attacks without really stopping them. The comprehensive logs include the nature of the attack and what ModSecurity response that attack triggered, where it originated from, etcetera. The list of rules we employ is regularly updated in order to match any new threats which may appear on the Internet and it features both commercial rules that we get from a security company and custom-written ones which our admins include in the event that they find a threat that is not present in the commercial list yet.

ModSecurity in VPS

Safety is vital to us, so we set up ModSecurity on all virtual private servers that are provided with the Hepsia CP as a standard. The firewall can be managed via a dedicated section in Hepsia and is switched on automatically when you add a new domain or create a subdomain, so you will not have to do anything manually. You will also be able to deactivate it or activate the so-called detection mode, so it will maintain a log of potential attacks which you can later analyze, but won't prevent them. The logs in both passive and active modes contain info regarding the type of the attack and how it was eliminated, what IP address it originated from and other valuable information that could help you to tighten the security of your websites by updating them or blocking IPs, as an example. Beyond the commercial rules which we get for ModSecurity from a third-party security enterprise, we also employ our own rules since every now and then we find specific attacks which are not yet present in the commercial pack. That way, we could increase the protection of your Virtual private server promptly rather than awaiting a certified update.

ModSecurity in Dedicated Hosting

All of our dedicated servers which are set up with the Hepsia hosting CP come with ModSecurity, so any application which you upload or install will be secured from the very beginning and you won't have to concern yourself with common attacks or vulnerabilities. An individual section within Hepsia will allow you to start or stop the firewall for every domain or subdomain, or activate a detection mode so that it records information regarding intrusions, but does not take actions to stop them. What you shall see in the logs shall allow you to to secure your Internet sites better - the IP an attack originated from, what site was attacked as well as how, what ModSecurity rule was triggered, and so on. With this information, you can see if a site needs an update, if you ought to block IPs from accessing your server, and so forth. In addition to the third-party commercial security rules for ModSecurity that we use, our administrators add custom ones too every time they find a new threat that is not yet included in the commercial bundle.