ModSecurity is a potent web app layer firewall for Apache web servers. It monitors the whole HTTP traffic to an Internet site without affecting its overall performance and if it discovers an intrusion attempt, it prevents it. The firewall furthermore keeps a more thorough log for the website visitors than any web server does, so you'll manage to monitor what is going on with your sites better than if you rely simply on conventional logs. ModSecurity employs security rules based on which it prevents attacks. For instance, it detects whether anyone is trying to log in to the admin area of a specific script multiple times or if a request is sent to execute a file with a specific command. In such cases these attempts set off the corresponding rules and the software blocks the attempts right away, then records in-depth information about them inside its logs. ModSecurity is among the most effective software firewalls on the market and it can easily protect your web apps against a huge number of threats and vulnerabilities, especially in case you don’t update them or their plugins regularly.

ModSecurity in Shared Hosting

ModSecurity is supplied with all shared hosting web servers, so if you opt to host your Internet sites with our company, they shall be shielded from an array of attacks. The firewall is enabled by default for all domains and subdomains, so there'll be nothing you'll have to do on your end. You shall be able to stop ModSecurity for any website if required, or to activate a detection mode, so all activity will be recorded, but the firewall shall not take any real action. You'll be able to view detailed logs using your Hepsia CP including the IP where the attack came from, what the attacker wished to do and how ModSecurity handled the threat. Since we take the safety of our customers' Internet sites very seriously, we use a set of commercial rules which we take from one of the top companies that maintain this type of rules. Our admins also include custom rules to make certain that your sites shall be resistant to as many threats as possible.

ModSecurity in Semi-dedicated Hosting

ModSecurity is part of our semi-dedicated hosting packages and if you opt to host your websites with us, there will not be anything special you'll need to do since the firewall is activated by default for all domains and subdomains which you include using your hosting CP. If required, you can disable ModSecurity for a particular site or turn on the so-called detection mode in which case the firewall will still operate and record data, but shall not do anything to prevent possible attacks on your websites. Thorough logs shall be readily available inside your CP and you shall be able to see what type of attacks occurred, what security rules were triggered and how the firewall addressed the threats, what Internet protocol addresses the attacks originated from, and so on. We use two kinds of rules on our servers - commercial ones from a firm which operates in the field of web security, and customized ones which our admins sometimes include to respond to newly discovered risks on time.

ModSecurity in VPS Hosting

All virtual private servers that are provided with the Hepsia CP include ModSecurity. The firewall is set up and turned on by default for all domains that are hosted on the machine, so there shall not be anything special that you'll need to do to protect your websites. It will take you just a mouse click to stop ModSecurity if needed or to turn on its passive mode so that it records what occurs without taking any actions to prevent intrusions. You will be able to see the logs created in active or passive mode through the corresponding section of Hepsia and find out more about the type of the attack, where it came from, what rule the firewall used to tackle it, and so forth. We employ a mix of commercial and custom rules so as to make sure that ModSecurity will prevent as many risks as possible, consequently boosting the security of your web programs as much as possible.

ModSecurity in Dedicated Web Hosting

If you opt to host your websites on a dedicated server with the Hepsia CP, your web apps will be secured right from the start because ModSecurity is provided with all Hepsia-based packages. You shall be able to manage the firewall with ease and if needed, you will be able to turn it off or enable its passive mode when it will only keep a log of what's taking place without taking any action to prevent possible attacks. The logs which you can find inside the very same section of the CP are very detailed and include information about the attacker IP, what website and file were attacked and in what ways, what rule the firewall employed to stop the intrusion, and so on. This info shall allow you to take measures and increase the protection of your sites even more. To be on the safe side, we use not just commercial rules, but also custom-made ones that our staff add every time they identify attacks which have not yet been included in the commercial pack.