ModSecurity is a potent web application layer firewall for Apache web servers. It monitors the entire HTTP traffic to an Internet site without affecting its performance and when it discovers an intrusion attempt, it prevents it. The firewall furthermore maintains a more comprehensive log for the traffic than any server does, so you will manage to keep an eye on what is happening with your Internet sites a lot better than if you rely simply on standard logs. ModSecurity works with security rules based on which it stops attacks. For example, it recognizes if anyone is trying to log in to the administrator area of a particular script a number of times or if a request is sent to execute a file with a certain command. In these cases these attempts set off the corresponding rules and the firewall hinders the attempts immediately, then records detailed details about them inside its logs. ModSecurity is amongst the best software firewalls on the market and it can protect your web applications against a huge number of threats and vulnerabilities, especially if you don’t update them or their plugins frequently.

ModSecurity in Cloud Hosting

We offer ModSecurity with all cloud hosting plans, so your web applications will be protected against destructive attacks. The firewall is switched on by default for all domains and subdomains, but if you'd like, you'll be able to stop it through the respective area of your Hepsia CP. You can also activate a detection mode, so ModSecurity will keep a log as intended, but will not take any action. The logs that you'll find inside Hepsia are extremely detailed and offer data about the nature of any attack, when it happened and from what IP, the firewall rule which was triggered, and so on. We employ a range of commercial rules that are regularly updated, but sometimes our administrators add custom rules as well in order to efficiently protect the sites hosted on our servers.

ModSecurity in Semi-dedicated Hosting

ModSecurity is a part of our semi-dedicated hosting solutions and if you choose to host your Internet sites with our company, there shall not be anything special you'll need to do since the firewall is turned on by default for all domains and subdomains which you add using your hosting CP. If necessary, you'll be able to disable ModSecurity for a particular site or activate the so-called detection mode in which case the firewall will still work and record info, but won't do anything to prevent possible attacks against your sites. Detailed logs will be available within your Control Panel and you will be able to see what sort of attacks occurred, what security rules were triggered and how the firewall dealt with the threats, what Internet protocol addresses the attacks originated from, etc. We use 2 types of rules on our servers - commercial ones from a company that operates in the field of web security, and customized ones that our admins sometimes include to respond to newly identified risks promptly.

ModSecurity in Dedicated Servers Hosting

If you opt to host your websites on a dedicated server with the Hepsia CP, your web apps shall be protected right from the start because ModSecurity is provided with all Hepsia-based solutions. You'll be able to manage the firewall easily and if required, you shall be able to turn it off or switch on its passive mode when it shall only maintain a log of what's taking place without taking any action to prevent potential attacks. The logs that you'll find within the exact same section of the Control Panel are very detailed and feature info about the attacker IP, what site and file were attacked and in what way, what rule the firewall employed to stop the intrusion, etcetera. This information shall enable you to take measures and improve the protection of your sites even more. To be on the safe side, we use not just commercial rules, but also custom-made ones which our admins add whenever they recognize attacks which haven't yet been included within the commercial pack.