ModSecurity is a highly effective web app layer firewall for Apache web servers. It monitors the entire HTTP traffic to a website without affecting its functionality and in case it identifies an intrusion attempt, it blocks it. The firewall furthermore maintains a more comprehensive log for the website visitors than any server does, so you'll manage to monitor what's going on with your Internet sites better than if you rely simply on standard logs. ModSecurity works with security rules based on which it prevents attacks. For instance, it detects if someone is attempting to log in to the admin area of a specific script multiple times or if a request is sent to execute a file with a certain command. In such situations these attempts trigger the corresponding rules and the software hinders the attempts immediately, and then records in-depth details about them inside its logs. ModSecurity is one of the very best software firewalls out there and it can easily protect your web applications against a huge number of threats and vulnerabilities, particularly if you don’t update them or their plugins frequently.

ModSecurity in Cloud Website Hosting

ModSecurity is available on all cloud website hosting web servers, so if you decide to host your Internet sites with our organization, they shall be shielded from a wide range of attacks. The firewall is enabled by default for all domains and subdomains, so there will be nothing you'll have to do on your end. You shall be able to stop ModSecurity for any site if required, or to switch on a detection mode, so that all activity will be recorded, but the firewall shall not take any real action. You will be able to view comprehensive logs from your Hepsia Control Panel including the IP where the attack originated from, what the attacker wanted to do and how ModSecurity handled the threat. As we take the safety of our clients' Internet sites very seriously, we use a set of commercial rules which we take from one of the leading companies that maintain such rules. Our administrators also add custom rules to ensure that your Internet sites shall be resistant to as many risks as possible.

ModSecurity in Semi-dedicated Servers

ModSecurity is part of our semi-dedicated server solutions and if you opt to host your sites with our company, there shall not be anything special you'll have to do as the firewall is switched on by default for all domains and subdomains which you add via your hosting CP. If required, you'll be able to disable ModSecurity for a particular site or switch on the so-called detection mode in which case the firewall will still operate and record data, but will not do anything to stop possible attacks against your sites. Detailed logs will be readily available inside your Control Panel and you will be able to see what type of attacks occurred, what security rules were triggered and how the firewall handled the threats, what Internet protocol addresses the attacks originated from, and so on. We use two sorts of rules on our servers - commercial ones from a business which operates in the field of web security, and custom ones that our admins sometimes add to respond to newly identified threats on time.

ModSecurity in Dedicated Servers

ModSecurity comes with all dedicated servers that are set up with our Hepsia Control Panel and you won't need to do anything specific on your end to employ it because it's turned on by default every time you include a new domain or subdomain on your hosting server. In case it disrupts any of your programs, you will be able to stop it through the respective part of Hepsia, or you can leave it in passive mode, so it will recognize attacks and will still keep a log for them, but will not block them. You may examine the logs later to determine what you can do to boost the safety of your websites since you will find information such as where an intrusion attempt originated from, what Internet site was attacked and in accordance with what rule ModSecurity responded, etcetera. The rules we employ are commercial, hence they are frequently updated by a security provider, but to be on the safe side, our administrators also add custom rules occasionally as to deal with any new threats they have found.