ModSecurity is a powerful web app layer firewall for Apache web servers. It monitors the whole HTTP traffic to a site without affecting its overall performance and when it identifies an intrusion attempt, it prevents it. The firewall additionally keeps a more comprehensive log for the website visitors than any server does, so you will be able to keep track of what is going on with your Internet sites much better than if you rely simply on standard logs. ModSecurity uses security rules based on which it prevents attacks. For example, it recognizes if somebody is attempting to log in to the admin area of a certain script a number of times or if a request is sent to execute a file with a particular command. In such situations these attempts trigger the corresponding rules and the firewall program blocks the attempts immediately, after that records comprehensive information about them inside its logs. ModSecurity is among the very best software firewalls out there and it can easily protect your web applications against thousands of threats and vulnerabilities, particularly in case you don’t update them or their plugins frequently.

ModSecurity in Cloud Hosting

ModSecurity is available on all cloud hosting machines, so if you choose to host your websites with our business, they shall be shielded from a wide array of attacks. The firewall is turned on as standard for all domains and subdomains, so there'll be nothing you'll have to do on your end. You shall be able to stop ModSecurity for any Internet site if required, or to enable a detection mode, so that all activity will be recorded, but the firewall will not take any real action. You'll be able to view specific logs from your Hepsia Control Panel including the IP address where the attack came from, what the attacker planned to do and how ModSecurity handled the threat. Since we take the security of our customers' sites very seriously, we employ a set of commercial rules that we take from one of the top firms that maintain such rules. Our admins also include custom rules to ensure that your sites will be resistant to as many threats as possible.

ModSecurity in Semi-dedicated Servers

All semi-dedicated server solutions which we offer come with ModSecurity and since the firewall is switched on by default, any site you create under a domain or a subdomain will be protected right away. An individual section within the Hepsia Control Panel which comes with the semi-dedicated accounts is devoted to ModSecurity and it'll enable you to stop and start the firewall for any Internet site or switch on a detection mode. With the last option, ModSecurity shall not take any action, but it shall still identify possible attacks and will keep all data inside a log as if it were completely active. The logs could be found within the same section of the Control Panel and they offer information regarding the IP where an attack originated from, what its nature was, what rule ModSecurity applies to recognize and stop it, and so on. The security rules we employ on our web servers are a mix between commercial ones from a security company and custom ones created by our system administrators. Consequently, we offer higher security for your web applications as we can defend them from attacks even before security companies release updates for completely new threats.

ModSecurity in Dedicated Servers

All of our dedicated servers that are installed with the Hepsia hosting Control Panel come with ModSecurity, so any program that you upload or set up shall be secured from the very beginning and you will not have to worry about common attacks or vulnerabilities. An independent section in Hepsia will enable you to start or stop the firewall for each and every domain or subdomain, or switch on a detection mode so that it records information regarding intrusions, but does not take actions to stop them. What you will discover in the logs shall allow you to to secure your websites better - the IP an attack came from, what website was attacked and how, what ModSecurity rule was triggered, and so forth. With this data, you'll be able to see if a site needs an update, if you need to block IPs from accessing your server, and so on. On top of the third-party commercial security rules for ModSecurity we use, our admins include custom ones too every time they find a new threat that's not yet included in the commercial bundle.