ModSecurity

: Glossary; Disk Space; Hepsia Control Panel; Domains Hosted; InnoDB; Integrated Ticketing System; Email Accounts; Memcached; Node.js; Subdomains; Support; Monthly Traffic; Varnish; VPN Traffic; Assisted Website Migration; Weekly Backup; Get Started

ModSecurity is a powerful web application layer firewall for Apache web servers. It monitors the entire HTTP traffic to a site without affecting its performance and in case it detects an intrusion attempt, it blocks it. The firewall furthermore maintains a more comprehensive log for the site visitors than any web server does, so you will manage to monitor what's going on with your websites much better than if you rely only on conventional logs. ModSecurity employs security rules based on which it helps prevent attacks. For instance, it identifies if somebody is attempting to log in to the administration area of a certain script a number of times or if a request is sent to execute a file with a certain command. In these situations these attempts set off the corresponding rules and the firewall software hinders the attempts instantly, after that records detailed details about them inside its logs. ModSecurity is among the best software firewalls out there and it can protect your web applications against thousands of threats and vulnerabilities, especially if you don’t update them or their plugins frequently.

ModSecurity in Cloud Website Hosting

ModSecurity comes by default with all cloud website hosting packages which we provide and it will be activated automatically for any domain or subdomain that you add/create within your Hepsia hosting CP. The firewall has 3 different modes, so you'll be able to activate and deactivate it with a click or set it to detection mode, so it will maintain a log of all attacks, but it'll not do anything to stop them. The log for each of your Internet sites shall include elaborate information which includes the nature of the attack, where it originated from, what action was taken by ModSecurity, and so on. The firewall rules that we use are constantly updated and consist of both commercial ones which we get from a third-party security business and custom ones that our system admins include in case that they detect a new type of attacks. That way, the Internet sites you host here will be way more protected without any action expected on your end.