ModSecurity is a highly effective web app layer firewall for Apache web servers. It monitors the whole HTTP traffic to a website without affecting its functionality and when it detects an intrusion attempt, it prevents it. The firewall furthermore maintains a more thorough log for the website visitors than any server does, so you shall manage to monitor what's going on with your sites better than if you rely simply on standard logs. ModSecurity works with security rules based on which it prevents attacks. For instance, it detects if anyone is attempting to log in to the administration area of a given script multiple times or if a request is sent to execute a file with a certain command. In such instances these attempts trigger the corresponding rules and the firewall blocks the attempts in real time, then records in-depth details about them within its logs. ModSecurity is among the best software firewalls on the market and it can protect your web apps against a large number of threats and vulnerabilities, especially if you don’t update them or their plugins regularly.

ModSecurity in Cloud Web Hosting

We provide ModSecurity with all cloud web hosting packages, so your Internet applications will be shielded from malicious attacks. The firewall is switched on as standard for all domains and subdomains, but if you'd like, you shall be able to stop it through the respective area of your Hepsia CP. You'll be able to also switch on a detection mode, so ModSecurity shall keep a log as intended, but will not take any action. The logs that you will discover within Hepsia are very detailed and include data about the nature of any attack, when it took place and from what IP address, the firewall rule which was triggered, etcetera. We employ a group of commercial rules which are often updated, but sometimes our administrators include custom rules as well so as to better protect the sites hosted on our servers.

ModSecurity in Semi-dedicated Hosting

All semi-dedicated hosting solutions which we offer feature ModSecurity and given that the firewall is switched on by default, any Internet site you build under a domain or a subdomain shall be secured right away. An independent section inside the Hepsia Control Panel that comes with the semi-dedicated accounts is dedicated to ModSecurity and it will enable you to start and stop the firewall for any website or enable a detection mode. With the latter, ModSecurity won't take any action, but it will still detect possible attacks and will keep all data in a log as if it were fully active. The logs can be found inside the exact same section of the Control Panel and they feature specifics about the IP where an attack originated from, what its nature was, what rule ModSecurity applies to identify and stop it, etc. The security rules we employ on our servers are a mix of commercial ones from a security company and custom ones created by our system admins. As a result, we provide greater security for your web programs as we can defend them from attacks even before security businesses release updates for brand new threats.

ModSecurity in Dedicated Servers Hosting

ModSecurity comes with all dedicated servers which are set up with our Hepsia Control Panel and you will not need to do anything specific on your end to employ it because it's enabled by default every time you include a new domain or subdomain on your web server. In case it disrupts any of your apps, you shall be able to stop it through the respective section of Hepsia, or you may leave it in passive mode, so it shall identify attacks and shall still keep a log for them, but shall not stop them. You may look at the logs later to determine what you can do to enhance the security of your websites since you will find details such as where an intrusion attempt came from, what site was attacked and in accordance with what rule ModSecurity responded, etc. The rules that we use are commercial, thus they are constantly updated by a security provider, but to be on the safe side, our staff also add custom rules once in a while in order to react to any new threats they have discovered.