ModSecurity

: Hosting Definitions; Disk Space; Hepsia Control Panel; Domain Names Hosted; InnoDB; Integrated Ticketing System; Email Accounts; Memcached; Node.js; Subdomains; Support; Data Traffic; Varnish; VPN Traffic; Assisted Website Migration; Weekly Backup; Buy Now

ModSecurity is a highly effective web app layer firewall for Apache web servers. It monitors the entire HTTP traffic to a website without affecting its functionality and when it identifies an intrusion attempt, it prevents it. The firewall also maintains a more comprehensive log for the traffic than any web server does, so you'll manage to keep an eye on what is going on with your sites a lot better than if you rely only on conventional logs. ModSecurity works with security rules based on which it stops attacks. For example, it identifies if someone is attempting to log in to the administrator area of a particular script several times or if a request is sent to execute a file with a certain command. In such situations these attempts set off the corresponding rules and the firewall software hinders the attempts immediately, and then records in-depth info about them within its logs. ModSecurity is one of the very best software firewalls on the market and it can protect your web applications against a huge number of threats and vulnerabilities, particularly if you don’t update them or their plugins regularly.

: ModSecurity in Cloud Website Hosting

ModSecurity comes by default with all cloud website hosting plans which we provide and it will be turned on automatically for any domain or subdomain that you add/create within your Hepsia hosting CP. The firewall has three different modes, so you'll be able to switch on and disable it with simply a mouse click or set it to detection mode, so it shall keep a log of all attacks, but it'll not do anything to prevent them. The log for any of your websites will include detailed info which includes the nature of the attack, where it came from, what action was taken by ModSecurity, etc. The firewall rules that we use are constantly updated and include both commercial ones we get from a third-party security firm and custom ones our system administrators include in the event that they detect a new sort of attacks. That way, the Internet sites which you host here shall be way more secure without any action needed on your end.