ModSecurity is a potent web app layer firewall for Apache web servers. It monitors the entire HTTP traffic to a website without affecting its operation and in case it detects an intrusion attempt, it blocks it. The firewall also maintains a more comprehensive log for the traffic than any server does, so you shall manage to keep track of what's happening with your sites a lot better than if you rely merely on standard logs. ModSecurity uses security rules based on which it stops attacks. For example, it recognizes whether somebody is attempting to log in to the admin area of a particular script a number of times or if a request is sent to execute a file with a particular command. In such instances these attempts trigger the corresponding rules and the software hinders the attempts instantly, then records comprehensive info about them within its logs. ModSecurity is amongst the best software firewalls out there and it can protect your web applications against a large number of threats and vulnerabilities, particularly in case you don’t update them or their plugins frequently.

ModSecurity in Hosting

ModSecurity is offered with every single hosting plan which we provide and it is turned on by default for every domain or subdomain that you include through your Hepsia Control Panel. In case it disrupts any of your programs or you'd like to disable it for some reason, you'll be able to do that through the ModSecurity section of Hepsia with simply a click. You can also activate a passive mode, so the firewall will recognize potential attacks and maintain a log, but won't take any action. You could see extensive logs in the very same section, including the IP address where the attack originated from, exactly what the attacker attempted to do and at what time, what ModSecurity did, etcetera. For optimum security of our customers we use a collection of commercial firewall rules combined with custom ones which are added by our system administrators.

ModSecurity in Semi-dedicated Hosting

ModSecurity is a part of our semi-dedicated hosting solutions and if you opt to host your Internet sites with our company, there will not be anything special you'll have to do as the firewall is activated by default for all domains and subdomains you add using your hosting CP. If needed, you can disable ModSecurity for a given Internet site or turn on the so-called detection mode in which case the firewall will still work and record information, but won't do anything to prevent possible attacks on your Internet sites. Thorough logs shall be accessible in your Control Panel and you shall be able to see what type of attacks occurred, what security rules were triggered and how the firewall addressed the threats, what Internet protocol addresses the attacks originated from, and so on. We employ 2 kinds of rules on our servers - commercial ones from an organization that operates in the field of web security, and custom ones which our admins often include to respond to newly found threats in a timely manner.

ModSecurity in Dedicated Web Hosting

All of our dedicated servers which are installed with the Hepsia hosting Control Panel feature ModSecurity, so any application that you upload or set up shall be properly secured from the very beginning and you'll not have to worry about common attacks or vulnerabilities. An individual section within Hepsia will allow you to start or stop the firewall for each and every domain or subdomain, or activate a detection mode so that it records information regarding intrusions, but does not take actions to prevent them. What you will see in the logs shall enable you to to secure your Internet sites better - the IP an attack originated from, what website was attacked and exactly how, what ModSecurity rule was triggered, and so forth. With this data, you could see whether an Internet site needs an update, if you ought to block IPs from accessing your hosting server, etc. In addition to the third-party commercial security rules for ModSecurity which we use, our admins add custom ones too whenever they discover a new threat which is not yet a part of the commercial bundle.