ModSecurity is a potent web app layer firewall for Apache web servers. It monitors the whole HTTP traffic to a website without affecting its functionality and in case it identifies an intrusion attempt, it blocks it. The firewall also keeps a more detailed log for the site visitors than any server does, so you will be able to keep an eye on what's happening with your Internet sites much better than if you rely merely on conventional logs. ModSecurity uses security rules based on which it helps prevent attacks. For instance, it detects if anyone is trying to log in to the administrator area of a specific script multiple times or if a request is sent to execute a file with a specific command. In such circumstances these attempts set off the corresponding rules and the software blocks the attempts instantly, after that records comprehensive info about them in its logs. ModSecurity is amongst the most effective software firewalls on the market and it could easily protect your web applications against many threats and vulnerabilities, especially in case you don’t update them or their plugins regularly.

ModSecurity in Shared Web Hosting

ModSecurity can be found with each shared web hosting solution which we provide and it is switched on by default for every domain or subdomain which you add through your Hepsia CP. In the event that it interferes with any of your apps or you'd like to disable it for any reason, you shall be able to do this through the ModSecurity section of Hepsia with merely a mouse click. You could also use a passive mode, so the firewall will discover possible attacks and maintain a log, but will not take any action. You could view extensive logs in the very same section, including the IP where the attack originated from, what precisely the attacker tried to do and at what time, what ModSecurity did, etc. For max security of our customers we use a group of commercial firewall rules mixed with custom ones that are included by our system admins.

ModSecurity in Semi-dedicated Hosting

All semi-dedicated hosting solutions which we offer include ModSecurity and since the firewall is enabled by default, any site you create under a domain or a subdomain will be protected immediately. An independent section inside the Hepsia Control Panel which comes with the semi-dedicated accounts is dedicated to ModSecurity and it'll allow you to stop and start the firewall for any website or switch on a detection mode. With the last option, ModSecurity shall not take any action, but it shall still identify possible attacks and shall keep all data within a log as if it were 100% active. The logs can be found within the exact same section of the Control Panel and they include information about the IP where an attack originated from, what its nature was, what rule ModSecurity applies to identify and stop it, etc. The security rules which we employ on our machines are a mix of commercial ones from a security business and custom ones developed by our system admins. Therefore, we offer higher security for your web applications as we can shield them from attacks before security corporations release updates for completely new threats.

ModSecurity in Dedicated Servers Hosting

ModSecurity is provided with all dedicated servers that are integrated with our Hepsia Control Panel and you will not need to do anything specific on your end to employ it because it's activated by default each time you include a new domain or subdomain on your server. If it disrupts some of your apps, you will be able to stop it through the respective section of Hepsia, or you may leave it working in passive mode, so it'll identify attacks and will still maintain a log for them, but won't stop them. You may examine the logs later to learn what you can do to increase the safety of your Internet sites as you shall find details such as where an intrusion attempt came from, what website was attacked and based upon what rule ModSecurity reacted, and so forth. The rules we use are commercial, therefore they're constantly updated by a security provider, but to be on the safe side, our admins also include custom rules from time to time as to deal with any new threats they have identified.