ModSecurity

: Terminology; AAAA Records; Access Log Manager; Additional RAM; Administration Services; Advanced Tools; Email Aliases; Antivirus Protection; APC; Web Apps; Auto-reply Emails; Browsable Daily Backups; Catch-all Emails; CentOS; Live Chat Support; ClientExec Billing And Support Software; Genuine Cloud Architecture; CNAME Records; Hosting Control Panel; Hardware; CPanel Control Panel; CPU Share; Cron Jobs; Custom Error Pages; MX And A Records; Daily Data Back-up; Data Centers; Data Compression; Debian; Dedicated IP; Server Network Hardware; DirectAdmin Control Panel; Disk Space; Domain Backorders; DomainKeys Identified Mail; Domain Manager; Parked Domains; Domain Registration Transfer; Dreamweaver Compatible; Dropbox Backups; Email Forwarding; Email Manager; Enom Domain Name Reseller Account; EPP Transfer Protection; Error Log Viewer; Extensive Online Documentation; Extra Dedicated IPs; File Manager; FTP Accounts; FTP Manager; DNS Management; WHOIS Management; Guaranteed RAM; Hepsia Control Panel; Domain Names Hosted; Hotlinking Protection; Htaccess Generator; WHOIS Shield; Imagemagick And GD Library; InnoDB; Installation And Troubleshooting; Instant Account Activation; Integrated Ticketing System; IonCube; IP Blocking; JailHost; Email Accounts; Mailing Lists; Mailing List Members; Managed Services Package; Marketing Tools; Money Back Guarantee; Memcached; Microsoft FPE; ModSecurity; Monitoring And Rebooting; MySQL And Load Stats; 2.5 Gbit Network Connectivity; Data Corruption; Node.js; No Overselling; NS Records; One-Hour Response Guarantee; Perl Modules; Password Protected Directories; Perl; PgSQL Databases; PgSQL Database Storage; Phone Support; PHP 4 And PHP 5 Support; PhpMyAdmin; PhpPgAdmin; Python; RAID; Registrar Lock; Server Reselling Options; Server Side Includes; Shared SSL IP; SiteMap Generator; SMTP Server; Spam Filters; SPF Protection; MySQL Databases; MySQL Database Storage; SRV Records; Data Caching; SSL Certificate Generator; Stable Linux With Apache; Subdomains; Support; Data Traffic; TXT Records; Ubuntu; UPS And Diesel Back-up Generator; Service Uptime Guarantee; URL Redirection; Varnish; VPN Traffic; Multiple Control Panels; Set-up Fees; Multiple OS; Full Root-level Access; SSH Telnet; Web Accelerators; Online Site Builder; Web And FTP Statistics; Web Installer; Webmail; Assisted Website Migration; Website Manager; Free Website Themes; Weekly Backup; Weekly OS Update; Zend Optimizer; ZFS Mails And MySQL; Join us

ModSecurity is a powerful web app layer firewall for Apache web servers. It monitors the whole HTTP traffic to a website without affecting its functionality and when it discovers an intrusion attempt, it prevents it. The firewall also keeps a more detailed log for the traffic than any web server does, so you shall be able to monitor what's happening with your sites better than if you rely merely on conventional logs. ModSecurity uses security rules based on which it prevents attacks. For example, it identifies whether somebody is attempting to log in to the administrator area of a particular script a number of times or if a request is sent to execute a file with a certain command. In these cases these attempts trigger the corresponding rules and the firewall hinders the attempts in real time, and then records in-depth information about them within its logs. ModSecurity is among the best software firewalls on the market and it can protect your web apps against thousands of threats and vulnerabilities, especially in case you don’t update them or their plugins frequently.

ModSecurity in Shared Web Hosting

ModSecurity is offered with every shared web hosting package which we provide and it is switched on by default for any domain or subdomain that you include through your Hepsia CP. If it disrupts any of your apps or you'd like to disable it for some reason, you shall be able to do that through the ModSecurity section of Hepsia with only a mouse click. You can also activate a passive mode, so the firewall will discover possible attacks and keep a log, but will not take any action. You'll be able to see extensive logs in the same section, including the IP address where the attack originated from, what exactly the attacker attempted to do and at what time, what ModSecurity did, and so on. For maximum protection of our clients we use a group of commercial firewall rules mixed with custom ones which are included by our system administrators.