ModSecurity is a potent web application layer firewall for Apache web servers. It monitors the entire HTTP traffic to a website without affecting its overall performance and if it identifies an intrusion attempt, it blocks it. The firewall also keeps a more comprehensive log for the website visitors than any web server does, so you'll be able to keep an eye on what's going on with your Internet sites better than if you rely merely on conventional logs. ModSecurity employs security rules based on which it helps prevent attacks. For instance, it identifies whether anyone is attempting to log in to the administration area of a certain script a number of times or if a request is sent to execute a file with a particular command. In such cases these attempts set off the corresponding rules and the firewall blocks the attempts immediately, after that records detailed details about them within its logs. ModSecurity is among the best software firewalls out there and it could easily protect your web applications against thousands of threats and vulnerabilities, particularly if you don’t update them or their plugins often.

ModSecurity in Cloud Hosting

ModSecurity is provided with all cloud hosting machines, so when you opt to host your Internet sites with our company, they will be resistant to an array of attacks. The firewall is turned on as standard for all domains and subdomains, so there will be nothing you will have to do on your end. You will be able to stop ModSecurity for any site if required, or to enable a detection mode, so that all activity shall be recorded, but the firewall won't take any real action. You will be able to view detailed logs from your Hepsia CP including the IP address where the attack originated from, what the attacker wanted to do and how ModSecurity addressed the threat. As we take the protection of our clients' websites very seriously, we employ a group of commercial rules that we get from one of the leading firms that maintain this kind of rules. Our admins also include custom rules to ensure that your Internet sites shall be shielded from as many risks as possible.

ModSecurity in VPS Servers

Safety is essential to us, so we install ModSecurity on all VPS servers which are provided with the Hepsia Control Panel as a standard. The firewall can be managed through a dedicated section inside Hepsia and is turned on automatically when you include a new domain or create a subdomain, so you'll not need to do anything manually. You shall also be able to deactivate it or switch on the so-called detection mode, so it'll keep a log of potential attacks that you can later study, but shall not stop them. The logs in both passive and active modes include info regarding the type of the attack and how it was eliminated, what IP it originated from and other useful info that could help you to tighten the security of your Internet sites by updating them or blocking IPs, for example. Beyond the commercial rules that we get for ModSecurity from a third-party security enterprise, we also implement our own rules since every now and then we discover specific attacks that are not yet present within the commercial package. That way, we could enhance the security of your Virtual private server immediately as opposed to awaiting an official update.