ModSecurity is a powerful web application layer firewall for Apache web servers. It monitors the whole HTTP traffic to a website without affecting its overall performance and when it detects an intrusion attempt, it blocks it. The firewall furthermore keeps a more thorough log for the website visitors than any server does, so you'll be able to keep track of what is happening with your Internet sites better than if you rely only on conventional logs. ModSecurity employs security rules based on which it helps prevent attacks. For example, it identifies if someone is attempting to log in to the administration area of a particular script several times or if a request is sent to execute a file with a particular command. In these circumstances these attempts set off the corresponding rules and the firewall software blocks the attempts in real time, and then records detailed info about them within its logs. ModSecurity is among the very best software firewalls out there and it could easily protect your web applications against many threats and vulnerabilities, particularly in case you don’t update them or their plugins often.

ModSecurity in Website Hosting

ModSecurity comes standard with all website hosting solutions that we provide and it will be switched on automatically for any domain or subdomain you add/create inside your Hepsia hosting CP. The firewall has three different modes, so you can switch on and deactivate it with only a mouse click or set it to detection mode, so it shall maintain a log of all attacks, but it shall not do anything to stop them. The log for any of your sites shall contain comprehensive info such as the nature of the attack, where it came from, what action was taken by ModSecurity, etcetera. The firewall rules that we use are constantly updated and consist of both commercial ones we get from a third-party security business and custom ones which our system admins include in case that they detect a new type of attacks. That way, the sites you host here shall be a lot more protected without any action required on your end.

ModSecurity in Semi-dedicated Servers

ModSecurity is part of our semi-dedicated server plans and if you decide to host your Internet sites with our company, there will not be anything special you'll need to do as the firewall is turned on by default for all domains and subdomains you include via your hosting Control Panel. If required, you'll be able to disable ModSecurity for a certain site or activate the so-called detection mode in which case the firewall shall still function and record info, but will not do anything to stop possible attacks against your websites. Detailed logs shall be readily available in your Control Panel and you'll be able to see what sort of attacks happened, what security rules were triggered and how the firewall addressed the threats, what IP addresses the attacks originated from, etc. We use 2 sorts of rules on our servers - commercial ones from a firm that operates in the field of web security, and custom ones which our admins occasionally add to respond to newly discovered threats on time.

ModSecurity in Dedicated Servers

ModSecurity comes with all dedicated servers which are integrated with our Hepsia Control Panel and you won't have to do anything specific on your end to employ it as it is activated by default each time you include a new domain or subdomain on your hosting server. In case it disrupts any of your programs, you'll be able to stop it via the respective area of Hepsia, or you could leave it in passive mode, so it shall detect attacks and will still maintain a log for them, but won't prevent them. You'll be able to look at the logs later to learn what you can do to boost the safety of your Internet sites as you'll find information such as where an intrusion attempt came from, what website was attacked and based upon what rule ModSecurity reacted, and so on. The rules which we use are commercial, hence they're regularly updated by a security firm, but to be on the safe side, our admins also include custom rules occasionally in order to react to any new threats they have found.