ModSecurity

: Hosting Glossary; Disk Space; Hepsia Control Panel; Domains Hosted; InnoDB; Integrated Ticketing System; Email Accounts; Memcached; Node.js; Subdomains; Customer Support; Data Traffic; Varnish; VPN Traffic; Assisted Website Migration; Weekly Backup; Buy Now

ModSecurity is a powerful web app layer firewall for Apache web servers. It monitors the entire HTTP traffic to a site without affecting its operation and if it discovers an intrusion attempt, it prevents it. The firewall also maintains a more thorough log for the site visitors than any server does, so you will manage to monitor what's happening with your sites a lot better than if you rely merely on standard logs. ModSecurity employs security rules based on which it helps prevent attacks. For example, it identifies if somebody is trying to log in to the admin area of a specific script a number of times or if a request is sent to execute a file with a certain command. In such cases these attempts trigger the corresponding rules and the firewall program hinders the attempts instantly, then records detailed details about them in its logs. ModSecurity is one of the most effective software firewalls available and it can protect your web apps against a huge number of threats and vulnerabilities, especially in case you don’t update them or their plugins regularly.

ModSecurity in Web Hosting

ModSecurity is available on all web hosting machines, so if you decide to host your Internet sites with our organization, they shall be protected against an array of attacks. The firewall is enabled as standard for all domains and subdomains, so there will be nothing you will need to do on your end. You shall be able to stop ModSecurity for any website if required, or to enable a detection mode, so that all activity will be recorded, but the firewall won't take any real action. You'll be able to view comprehensive logs via your Hepsia CP including the IP where the attack originated from, what the attacker wanted to do and how ModSecurity dealt with the threat. Since we take the security of our clients' sites seriously, we employ a group of commercial rules which we get from one of the leading companies which maintain this kind of rules. Our admins also add custom rules to make certain that your sites will be protected against as many risks as possible.