ModSecurity is a potent web app layer firewall for Apache web servers. It monitors the entire HTTP traffic to a website without affecting its performance and in case it identifies an intrusion attempt, it prevents it. The firewall furthermore maintains a more thorough log for the site visitors than any server does, so you will manage to keep an eye on what's going on with your Internet sites much better than if you rely only on standard logs. ModSecurity uses security rules based on which it stops attacks. For instance, it recognizes if anyone is attempting to log in to the admin area of a certain script several times or if a request is sent to execute a file with a particular command. In such instances these attempts trigger the corresponding rules and the firewall program hinders the attempts instantly, then records detailed details about them inside its logs. ModSecurity is one of the best software firewalls on the market and it could easily protect your web applications against many threats and vulnerabilities, especially if you don’t update them or their plugins regularly.

ModSecurity in Shared Web Hosting

ModSecurity is supplied with all shared web hosting machines, so when you choose to host your websites with our business, they shall be protected against an array of attacks. The firewall is turned on as standard for all domains and subdomains, so there shall be nothing you'll need to do on your end. You'll be able to stop ModSecurity for any Internet site if required, or to enable a detection mode, so that all activity shall be recorded, but the firewall will not take any real action. You shall be able to view detailed logs through your Hepsia CP including the IP where the attack came from, what the attacker wanted to do and how ModSecurity dealt with the threat. Since we take the protection of our customers' websites seriously, we employ a group of commercial rules that we get from one of the leading companies which maintain such rules. Our admins also include custom rules to make sure that your websites will be resistant to as many risks as possible.

ModSecurity in Semi-dedicated Hosting

ModSecurity is part of our semi-dedicated hosting solutions and if you decide to host your sites with us, there shall not be anything special you will have to do given that the firewall is switched on by default for all domains and subdomains you include through your hosting Control Panel. If needed, you could disable ModSecurity for a given website or activate the so-called detection mode in which case the firewall shall still function and record data, but shall not do anything to stop possible attacks against your websites. Thorough logs will be accessible inside your Control Panel and you will be able to see what type of attacks took place, what security rules were triggered and how the firewall addressed the threats, what IP addresses the attacks originated from, and so forth. We employ 2 sorts of rules on our servers - commercial ones from a business that operates in the field of web security, and custom made ones that our admins sometimes add to respond to newly discovered risks on time.

ModSecurity in VPS Hosting

Security is vital to us, so we set up ModSecurity on all virtual private servers which are made available with the Hepsia CP by default. The firewall can be managed via a dedicated section within Hepsia and is switched on automatically when you add a new domain or generate a subdomain, so you won't have to do anything by hand. You'll also be able to deactivate it or switch on the so-called detection mode, so it'll keep a log of potential attacks that you can later study, but won't block them. The logs in both passive and active modes offer info regarding the type of the attack and how it was prevented, what IP it came from and other useful info that might help you to tighten the security of your websites by updating them or blocking IPs, for example. Besides the commercial rules which we get for ModSecurity from a third-party security firm, we also employ our own rules because once in a while we detect specific attacks that are not yet present in the commercial package. That way, we can boost the security of your VPS immediately rather than waiting for a certified update.

ModSecurity in Dedicated Web Hosting

ModSecurity comes with all dedicated servers which are set up with our Hepsia Control Panel and you won't have to do anything specific on your end to employ it as it is switched on by default whenever you include a new domain or subdomain on your hosting server. In the event that it interferes with any of your applications, you'll be able to stop it via the respective section of Hepsia, or you may leave it working in passive mode, so it will recognize attacks and shall still maintain a log for them, but won't stop them. You may analyze the logs later to learn what you can do to boost the security of your Internet sites as you shall find info such as where an intrusion attempt originated from, what website was attacked and in accordance with what rule ModSecurity responded, and so forth. The rules that we employ are commercial, hence they're frequently updated by a security company, but to be on the safe side, our admins also add custom rules once in a while in order to respond to any new threats they have identified.