ModSecurity is a highly effective web application layer firewall for Apache web servers. It monitors the entire HTTP traffic to a site without affecting its functionality and if it discovers an intrusion attempt, it blocks it. The firewall additionally maintains a more detailed log for the site visitors than any server does, so you shall manage to keep track of what is going on with your sites better than if you rely only on conventional logs. ModSecurity employs security rules based on which it prevents attacks. For example, it detects if anyone is trying to log in to the admin area of a given script a number of times or if a request is sent to execute a file with a specific command. In such situations these attempts set off the corresponding rules and the firewall program blocks the attempts immediately, after that records in-depth information about them inside its logs. ModSecurity is one of the most effective software firewalls available and it could easily protect your web applications against many threats and vulnerabilities, especially if you don’t update them or their plugins frequently.

ModSecurity in Cloud Web Hosting

ModSecurity is provided with all cloud web hosting servers, so when you choose to host your sites with our organization, they shall be shielded from an array of attacks. The firewall is enabled as standard for all domains and subdomains, so there'll be nothing you will have to do on your end. You'll be able to stop ModSecurity for any website if required, or to switch on a detection mode, so that all activity shall be recorded, but the firewall won't take any real action. You will be able to view comprehensive logs through your Hepsia Control Panel including the IP address where the attack originated from, what the attacker planned to do and how ModSecurity dealt with the threat. As we take the security of our clients' sites seriously, we employ a group of commercial rules which we take from one of the best companies which maintain such rules. Our administrators also add custom rules to make certain that your sites will be shielded from as many risks as possible.

ModSecurity in Semi-dedicated Hosting

ModSecurity is part of our semi-dedicated hosting packages and if you decide to host your sites with us, there shall not be anything special you'll need to do given that the firewall is activated by default for all domains and subdomains that you include via your hosting Control Panel. If required, you could disable ModSecurity for a particular Internet site or activate the so-called detection mode in which case the firewall will still function and record information, but won't do anything to prevent potential attacks against your sites. Comprehensive logs will be readily available within your Control Panel and you'll be able to see what type of attacks occurred, what security rules were triggered and how the firewall dealt with the threats, what IP addresses the attacks came from, etcetera. We employ two sorts of rules on our servers - commercial ones from a business which operates in the field of web security, and custom made ones that our admins often include to respond to newly discovered risks on time.

ModSecurity in Dedicated Web Hosting

ModSecurity is provided as standard with all dedicated servers which are set up with the Hepsia Control Panel and is set to “Active” automatically for any domain which you host or subdomain which you create on the hosting server. In case that a web app doesn't function correctly, you may either disable the firewall or set it to operate in passive mode. The second means that ModSecurity shall keep a log of any potential attack that may happen, but will not take any action to prevent it. The logs generated in active or passive mode shall offer you additional details about the exact file that was attacked, the form of the attack and the IP address it came from, etcetera. This info will allow you to decide what steps you can take to improve the protection of your Internet sites, including blocking IPs or carrying out script and plugin updates. The ModSecurity rules we employ are updated often with a commercial pack from a third-party security provider we work with, but oftentimes our staff include their own rules also when they identify a new potential threat.