ModSecurity is a potent web application layer firewall for Apache web servers. It monitors the whole HTTP traffic to a site without affecting its overall performance and in case it detects an intrusion attempt, it blocks it. The firewall also keeps a more comprehensive log for the traffic than any web server does, so you shall be able to monitor what's going on with your websites much better than if you rely simply on conventional logs. ModSecurity works with security rules based on which it stops attacks. For example, it recognizes if someone is trying to log in to the administrator area of a specific script several times or if a request is sent to execute a file with a certain command. In these circumstances these attempts trigger the corresponding rules and the firewall program blocks the attempts in real time, then records comprehensive information about them inside its logs. ModSecurity is amongst the most effective software firewalls out there and it could easily protect your web applications against a large number of threats and vulnerabilities, particularly in case you don’t update them or their plugins often.

ModSecurity in Shared Hosting

ModSecurity is available on all shared hosting web servers, so when you choose to host your sites with our organization, they will be protected against a wide range of attacks. The firewall is enabled as standard for all domains and subdomains, so there'll be nothing you will have to do on your end. You will be able to stop ModSecurity for any website if required, or to switch on a detection mode, so that all activity will be recorded, but the firewall won't take any real action. You'll be able to view comprehensive logs through your Hepsia CP including the IP address where the attack originated from, what the attacker wanted to do and how ModSecurity addressed the threat. As we take the protection of our clients' Internet sites seriously, we use a collection of commercial rules that we take from one of the best firms that maintain this kind of rules. Our administrators also add custom rules to make certain that your Internet sites shall be resistant to as many threats as possible.

ModSecurity in Semi-dedicated Hosting

ModSecurity is part of our semi-dedicated hosting solutions and if you choose to host your websites with our company, there shall not be anything special you'll need to do given that the firewall is activated by default for all domains and subdomains which you add via your hosting Control Panel. If necessary, you could disable ModSecurity for a given website or enable the so-called detection mode in which case the firewall will still operate and record info, but shall not do anything to prevent potential attacks on your websites. Thorough logs will be available in your CP and you'll be able to see what sort of attacks occurred, what security rules were triggered and how the firewall dealt with the threats, what IP addresses the attacks came from, and so on. We employ 2 sorts of rules on our servers - commercial ones from an organization that operates in the field of web security, and custom made ones that our admins sometimes include to respond to newly discovered risks on time.

ModSecurity in VPS Hosting

All virtual private servers that are offered with the Hepsia CP feature ModSecurity. The firewall is set up and turned on by default for all domains that are hosted on the web server, so there will not be anything special that you will have to do to protect your Internet sites. It will take you a mouse click to stop ModSecurity if needed or to activate its passive mode so that it records what happens without taking any measures to prevent intrusions. You will be able to look at the logs created in passive or active mode from the corresponding section of Hepsia and discover more about the type of the attack, where it originated from, what rule the firewall employed to handle it, and so on. We use a mix of commercial and custom rules in order to make certain that ModSecurity will block as many risks as possible, hence improving the protection of your web programs as much as possible.

ModSecurity in Dedicated Web Hosting

ModSecurity is provided with all dedicated servers which are set up with our Hepsia Control Panel and you will not need to do anything specific on your end to employ it since it's enabled by default each time you add a new domain or subdomain on your server. If it disrupts any of your applications, you will be able to stop it through the respective area of Hepsia, or you can leave it in passive mode, so it shall detect attacks and shall still maintain a log for them, but shall not block them. You could look at the logs later to find out what you can do to enhance the safety of your sites since you will find information such as where an intrusion attempt originated from, what website was attacked and in accordance with what rule ModSecurity responded, etc. The rules that we use are commercial, therefore they are regularly updated by a security company, but to be on the safe side, our staff also add custom rules from time to time as to deal with any new threats they have identified.