ModSecurity is a highly effective web app layer firewall for Apache web servers. It monitors the whole HTTP traffic to an Internet site without affecting its overall performance and in case it discovers an intrusion attempt, it prevents it. The firewall also maintains a more comprehensive log for the traffic than any server does, so you'll manage to keep track of what's going on with your sites better than if you rely simply on conventional logs. ModSecurity uses security rules based on which it stops attacks. For example, it detects if someone is attempting to log in to the administrator area of a certain script multiple times or if a request is sent to execute a file with a certain command. In such instances these attempts set off the corresponding rules and the software blocks the attempts instantly, and then records detailed info about them in its logs. ModSecurity is among the best software firewalls available and it could easily protect your web applications against many threats and vulnerabilities, particularly in case you don’t update them or their plugins regularly.

ModSecurity in Cloud Web Hosting

We offer ModSecurity with all cloud web hosting solutions, so your web applications will be shielded from malicious attacks. The firewall is switched on by default for all domains and subdomains, but in case you would like, you shall be able to stop it through the respective section of your Hepsia Control Panel. You could also activate a detection mode, so ModSecurity will keep a log as intended, but will not take any action. The logs that you will discover inside Hepsia are extremely detailed and feature info about the nature of any attack, when it transpired and from what IP, the firewall rule that was triggered, and so on. We use a set of commercial rules which are constantly updated, but sometimes our administrators add custom rules as well in order to efficiently protect the sites hosted on our machines.

ModSecurity in VPS Servers

All VPS servers that are offered with the Hepsia Control Panel feature ModSecurity. The firewall is set up and switched on by default for all domains which are hosted on the web server, so there shall not be anything special which you'll need to do to protect your websites. It'll take you a click to stop ModSecurity if required or to switch on its passive mode so that it records what goes on without taking any actions to prevent intrusions. You'll be able to see the logs produced in active or passive mode from the corresponding section of Hepsia and find out more about the type of the attack, where it originated from, what rule the firewall employed to handle it, and so forth. We employ a combination of commercial and custom rules in order to make sure that ModSecurity will prevent as many risks as possible, hence improving the security of your web programs as much as possible.