ModSecurity is a potent web application layer firewall for Apache web servers. It monitors the whole HTTP traffic to a website without affecting its functionality and if it discovers an intrusion attempt, it prevents it. The firewall additionally keeps a more comprehensive log for the traffic than any server does, so you will manage to monitor what's going on with your sites much better than if you rely merely on standard logs. ModSecurity employs security rules based on which it prevents attacks. For instance, it recognizes if anyone is attempting to log in to the administrator area of a particular script multiple times or if a request is sent to execute a file with a particular command. In these cases these attempts trigger the corresponding rules and the firewall software blocks the attempts immediately, then records detailed information about them within its logs. ModSecurity is among the best software firewalls on the market and it could easily protect your web applications against a large number of threats and vulnerabilities, especially if you don’t update them or their plugins often.

ModSecurity in Cloud Website Hosting

ModSecurity is available on all cloud website hosting servers, so if you opt to host your Internet sites with our business, they will be protected against a wide range of attacks. The firewall is turned on as standard for all domains and subdomains, so there'll be nothing you shall have to do on your end. You'll be able to stop ModSecurity for any site if necessary, or to activate a detection mode, so all activity will be recorded, but the firewall will not take any real action. You shall be able to view specific logs via your Hepsia Control Panel including the IP address where the attack came from, what the attacker planned to do and how ModSecurity dealt with the threat. As we take the safety of our clients' sites very seriously, we use a set of commercial rules which we take from one of the best companies that maintain this sort of rules. Our admins also include custom rules to make sure that your websites will be protected against as many risks as possible.

ModSecurity in Semi-dedicated Servers

ModSecurity is a part of our semi-dedicated server plans and if you choose to host your sites with our company, there will not be anything special you'll need to do as the firewall is switched on by default for all domains and subdomains that you add using your hosting CP. If required, you can disable ModSecurity for a given site or switch on the so-called detection mode in which case the firewall shall still work and record information, but will not do anything to prevent potential attacks against your sites. Comprehensive logs will be readily available within your CP and you shall be able to see which kind of attacks happened, what security rules were triggered and how the firewall handled the threats, what Internet protocol addresses the attacks came from, and so forth. We employ two sorts of rules on our servers - commercial ones from a firm which operates in the field of web security, and customized ones which our administrators often add to respond to newly discovered threats promptly.

ModSecurity in VPS Servers

All VPS servers that are provided with the Hepsia Control Panel include ModSecurity. The firewall is set up and activated by default for all domains which are hosted on the web server, so there won't be anything special which you'll have to do to protect your Internet sites. It'll take you only a click to stop ModSecurity if needed or to switch on its passive mode so that it records what happens without taking any measures to prevent intrusions. You shall be able to view the logs generated in passive or active mode through the corresponding section of Hepsia and learn more about the form of the attack, where it originated from, what rule the firewall used to take care of it, and so on. We use a mix of commercial and custom rules in order to ensure that ModSecurity shall block as many risks as possible, consequently boosting the protection of your web applications as much as possible.

ModSecurity in Dedicated Servers

ModSecurity comes with all dedicated servers that are set up with our Hepsia Control Panel and you'll not have to do anything specific on your end to employ it because it's switched on by default every time you include a new domain or subdomain on your web server. In the event that it interferes with some of your programs, you will be able to stop it through the respective area of Hepsia, or you could leave it in passive mode, so it shall recognize attacks and shall still maintain a log for them, but won't prevent them. You could examine the logs later to determine what you can do to enhance the protection of your sites since you will find info such as where an intrusion attempt originated from, what Internet site was attacked and based on what rule ModSecurity reacted, and so forth. The rules that we employ are commercial, hence they are frequently updated by a security company, but to be on the safe side, our administrators also include custom rules every now and then as to react to any new threats they have identified.