ModSecurity
Discover how having ModSecurity allowed in your website hosting account will help silently with your website security.
ModSecurity is a potent web app layer firewall for Apache web servers. It monitors the whole HTTP traffic to an Internet site without affecting its overall performance and in case it discovers an intrusion attempt, it prevents it. The firewall additionally maintains a more thorough log for the traffic than any web server does, so you shall manage to monitor what's going on with your Internet sites much better than if you rely merely on standard logs. ModSecurity uses security rules based on which it prevents attacks. For instance, it detects whether somebody is trying to log in to the administration area of a given script multiple times or if a request is sent to execute a file with a specific command. In these instances these attempts trigger the corresponding rules and the firewall software hinders the attempts right away, and then records detailed information about them within its logs. ModSecurity is amongst the most effective software firewalls on the market and it can protect your web apps against thousands of threats and vulnerabilities, especially if you don’t update them or their plugins regularly.
-
ModSecurity in Shared Website Hosting
We provide ModSecurity with all
shared website hosting solutions, so your web apps shall be protected against destructive attacks. The firewall is switched on by default for all domains and subdomains, but if you would like, you shall be able to stop it via the respective part of your Hepsia CP. You could also switch on a detection mode, so ModSecurity shall keep a log as intended, but will not take any action. The logs which you shall discover within Hepsia are very detailed and include data about the nature of any attack, when it transpired and from what IP address, the firewall rule which was triggered, etcetera. We use a group of commercial rules which are constantly updated, but sometimes our admins include custom rules as well in order to efficiently protect the websites hosted on our machines.
-
ModSecurity in Semi-dedicated Hosting
ModSecurity is part of our
semi-dedicated hosting packages and if you opt to host your sites with our company, there won't be anything special you will have to do since the firewall is activated by default for all domains and subdomains which you include via your hosting CP. If needed, you'll be able to disable ModSecurity for a particular website or turn on the so-called detection mode in which case the firewall shall still work and record data, but won't do anything to prevent possible attacks against your websites. In depth logs shall be readily available within your CP and you shall be able to see what sort of attacks happened, what security rules were triggered and how the firewall handled the threats, what Internet protocol addresses the attacks originated from, etcetera. We employ two sorts of rules on our servers - commercial ones from a business which operates in the field of web security, and custom ones which our administrators sometimes include to respond to newly discovered threats promptly.
-
ModSecurity in Dedicated Servers Hosting
If you choose to host your sites on a
dedicated server with the Hepsia CP, your web programs will be protected right away because ModSecurity is available with all Hepsia-based plans. You shall be able to control the firewall effortlessly and if required, you shall be able to turn it off or switch on its passive mode when it will only maintain a log of what's happening without taking any action to stop possible attacks. The logs which you can find within the exact same section of the Control Panel are very detailed and feature information about the attacker IP, what website and file were attacked and in what ways, what rule the firewall used to stop the intrusion, and so forth. This data will enable you to take measures and enhance the security of your websites even more. To be on the safe side, we use not just commercial rules, but also custom-made ones which our staff add when they identify attacks that haven't yet been included in the commercial pack.