ModSecurity is a highly effective web app layer firewall for Apache web servers. It monitors the entire HTTP traffic to an Internet site without affecting its overall performance and if it identifies an intrusion attempt, it prevents it. The firewall additionally keeps a more detailed log for the site visitors than any web server does, so you will be able to monitor what's happening with your websites a lot better than if you rely simply on standard logs. ModSecurity works with security rules based on which it stops attacks. For example, it detects whether somebody is trying to log in to the administrator area of a particular script multiple times or if a request is sent to execute a file with a particular command. In such instances these attempts set off the corresponding rules and the software blocks the attempts right away, then records in-depth info about them inside its logs. ModSecurity is one of the very best software firewalls out there and it could easily protect your web applications against many threats and vulnerabilities, particularly in case you don’t update them or their plugins frequently.

ModSecurity in Cloud Hosting

We offer ModSecurity with all cloud hosting solutions, so your Internet applications will be protected against malicious attacks. The firewall is activated as standard for all domains and subdomains, but in case you would like, you'll be able to stop it using the respective section of your Hepsia CP. You could also activate a detection mode, so ModSecurity will keep a log as intended, but will not take any action. The logs that you will find inside Hepsia are extremely detailed and offer info about the nature of any attack, when it transpired and from what IP address, the firewall rule that was triggered, etc. We use a set of commercial rules that are constantly updated, but sometimes our admins include custom rules as well so as to efficiently protect the Internet sites hosted on our servers.

ModSecurity in Semi-dedicated Servers

We've included ModSecurity as a standard within all semi-dedicated server packages, so your web apps will be protected the instant you set them up under any domain or subdomain. The Hepsia CP that is included with the semi-dedicated accounts shall allow you to enable or turn off the firewall for any Internet site with a click. You will also be able to turn on a passive detection mode in which ModSecurity will maintain a log of potential attacks without actually stopping them. The comprehensive logs include things like the nature of the attack and what ModSecurity response that attack caused, where it came from, and so forth. The list of rules which we employ is frequently updated as to match any new risks that could appear on the Internet and it comes with both commercial rules that we get from a security firm and custom-written ones which our administrators include in the event that they find a threat which is not present within the commercial list yet.

ModSecurity in VPS Servers

ModSecurity is pre-installed on all VPS servers which are provided with the Hepsia hosting CP, so your web applications will be protected from the moment your server is in a position. The firewall is activated by default for any domain or subdomain on the Virtual Private Server, but if needed, you can deactivate it with a click of your mouse from the corresponding section of Hepsia. You could also set it to work in detection mode, so it'll keep a detailed log of any potential attacks without taking any action to prevent them. The logs are available inside the same section and provide information about the nature of the attack, what IP address it came from and what ModSecurity rule was triggered to stop it. For optimum security, we employ not just commercial rules from a company working in the field of web security, but also custom ones our administrators include personally in order to react to new threats that are still not dealt with in the commercial rules.

ModSecurity in Dedicated Servers

All of our dedicated servers which are installed with the Hepsia hosting Control Panel feature ModSecurity, so any application that you upload or install shall be protected from the very beginning and you will not have to worry about common attacks or vulnerabilities. An independent section within Hepsia will permit you to start or stop the firewall for any domain or subdomain, or turn on a detection mode so that it records info about intrusions, but does not take actions to stop them. What you'll see in the logs shall enable you to to secure your Internet sites better - the IP an attack originated from, what website was attacked and how, what ModSecurity rule was triggered, and so forth. With this information, you could see whether a site needs an update, whether you ought to block IPs from accessing your server, etc. In addition to the third-party commercial security rules for ModSecurity we use, our administrators add custom ones too every time they discover a new threat which is not yet in the commercial bundle.