ModSecurity is a potent web app layer firewall for Apache web servers. It monitors the whole HTTP traffic to a website without affecting its performance and if it identifies an intrusion attempt, it prevents it. The firewall furthermore maintains a more comprehensive log for the website visitors than any server does, so you shall manage to keep an eye on what is happening with your websites a lot better than if you rely only on standard logs. ModSecurity employs security rules based on which it prevents attacks. For example, it identifies if somebody is attempting to log in to the administration area of a specific script a number of times or if a request is sent to execute a file with a specific command. In these situations these attempts trigger the corresponding rules and the firewall software hinders the attempts right away, and then records in-depth info about them in its logs. ModSecurity is amongst the most effective software firewalls on the market and it could easily protect your web applications against a large number of threats and vulnerabilities, especially in case you don’t update them or their plugins regularly.

ModSecurity in Cloud Hosting

ModSecurity is available with every cloud hosting package that we offer and it is switched on by default for every domain or subdomain which you include through your Hepsia Control Panel. In the event that it interferes with any of your apps or you would like to disable it for some reason, you will be able to do this through the ModSecurity section of Hepsia with merely a mouse click. You can also enable a passive mode, so the firewall will discover possible attacks and keep a log, but shall not take any action. You can see extensive logs in the very same section, including the IP where the attack originated from, exactly what the attacker aimed to do and at what time, what ModSecurity did, and so forth. For max security of our customers we use a group of commercial firewall rules combined with custom ones which are included by our system admins.

ModSecurity in Semi-dedicated Servers

All semi-dedicated server solutions which we offer come with ModSecurity and given that the firewall is enabled by default, any website which you set up under a domain or a subdomain will be protected straight away. An independent section inside the Hepsia Control Panel that comes with the semi-dedicated accounts is devoted to ModSecurity and it'll permit you to start and stop the firewall for any Internet site or activate a detection mode. With the latter, ModSecurity won't take any action, but it shall still recognize possible attacks and shall keep all information inside a log as if it were 100% active. The logs can be found within the exact same section of the CP and they feature specifics about the IP where an attack originated from, what its nature was, what rule ModSecurity applies to identify and stop it, etc. The security rules we use on our machines are a mix between commercial ones from a security business and custom ones created by our system admins. Therefore, we provide greater security for your web apps as we can defend them from attacks before security corporations release updates for new threats.

ModSecurity in VPS Servers

ModSecurity is provided with all Hepsia-based VPS servers that we offer and it shall be turned on automatically for every new domain or subdomain you include on the server. This way, any web app you install will be protected immediately without doing anything by hand on your end. The firewall could be handled from the section of the Control Panel which has the same name. This is the place in whichyou could disable ModSecurity or enable its passive mode, so it won't take any action toward threats, but will still keep a detailed log. The recorded data is available inside the same area as well and you shall be able to see what IPs any attacks originated from so that you can block them, what the nature of the attempted attacks was and based on what security rules ModSecurity reacted. The rules we use on our servers are a combination between commercial ones that we get from a security company and custom ones which are included by our staff to optimize the security of any web apps hosted on our end.

ModSecurity in Dedicated Servers

When you decide to host your sites on a dedicated server with the Hepsia Control Panel, your web applications shall be protected immediately since ModSecurity is available with all Hepsia-based packages. You will be able to regulate the firewall without difficulty and if required, you'll be able to turn it off or switch on its passive mode when it'll only keep a log of what is going on without taking any action to prevent potential attacks. The logs which you will find within the very same section of the Control Panel are extremely detailed and feature information about the attacker IP, what site and file were attacked and in what ways, what rule the firewall used to prevent the intrusion, and so forth. This information shall enable you to take measures and increase the protection of your Internet sites even more. To be on the safe side, we use not only commercial rules, but also custom-made ones which our admins include when they detect attacks which have not yet been included in the commercial pack.