ModSecurity is a potent web application layer firewall for Apache web servers. It monitors the whole HTTP traffic to a site without affecting its overall performance and when it discovers an intrusion attempt, it prevents it. The firewall additionally keeps a more thorough log for the site visitors than any server does, so you'll manage to keep an eye on what's going on with your websites a lot better than if you rely only on standard logs. ModSecurity uses security rules based on which it helps prevent attacks. For example, it detects if somebody is attempting to log in to the administration area of a given script a number of times or if a request is sent to execute a file with a particular command. In these cases these attempts trigger the corresponding rules and the firewall program hinders the attempts instantly, after that records in-depth details about them in its logs. ModSecurity is among the best software firewalls available and it can protect your web applications against a huge number of threats and vulnerabilities, particularly if you don’t update them or their plugins often.

ModSecurity in Web Hosting

We provide ModSecurity with all web hosting plans, so your Internet applications shall be protected against malicious attacks. The firewall is switched on as standard for all domains and subdomains, but in case you would like, you will be able to stop it using the respective area of your Hepsia CP. You can also activate a detection mode, so ModSecurity will keep a log as intended, but shall not take any action. The logs which you'll discover within Hepsia are quite detailed and offer information about the nature of any attack, when it transpired and from what IP, the firewall rule which was triggered, and so forth. We employ a set of commercial rules that are frequently updated, but sometimes our administrators add custom rules as well so as to better protect the sites hosted on our machines.

ModSecurity in Semi-dedicated Hosting

ModSecurity is part of our semi-dedicated hosting packages and if you decide to host your Internet sites with our company, there will not be anything special you'll have to do as the firewall is activated by default for all domains and subdomains which you add through your hosting CP. If needed, you could disable ModSecurity for a certain site or turn on the so-called detection mode in which case the firewall shall still operate and record data, but won't do anything to stop potential attacks against your Internet sites. Comprehensive logs will be readily available inside your Control Panel and you'll be able to see what type of attacks occurred, what security rules were triggered and how the firewall addressed the threats, what Internet protocol addresses the attacks originated from, and so forth. We use two kinds of rules on our servers - commercial ones from an organization which operates in the field of web security, and customized ones that our admins often include to respond to newly discovered risks promptly.

ModSecurity in Dedicated Web Hosting

When you opt to host your Internet sites on a dedicated server with the Hepsia CP, your web applications will be secured straight away as ModSecurity is supplied with all Hepsia-based packages. You shall be able to control the firewall with ease and if needed, you shall be able to turn it off or activate its passive mode when it shall only keep a log of what is going on without taking any action to stop potential attacks. The logs which you will find in the same section of the Control Panel are very detailed and contain data about the attacker IP address, what site and file were attacked and in what way, what rule the firewall employed to stop the intrusion, etcetera. This information shall allow you to take measures and increase the protection of your websites even more. To be on the safe side, we employ not just commercial rules, but also custom-made ones that our staff include when they recognize attacks which haven't yet been included in the commercial pack.