ModSecurity is a potent web application layer firewall for Apache web servers. It monitors the entire HTTP traffic to an Internet site without affecting its operation and when it discovers an intrusion attempt, it blocks it. The firewall also keeps a more thorough log for the website visitors than any server does, so you'll be able to keep track of what is happening with your sites a lot better than if you rely merely on conventional logs. ModSecurity works with security rules based on which it helps prevent attacks. For instance, it identifies whether anyone is trying to log in to the administrator area of a certain script multiple times or if a request is sent to execute a file with a certain command. In these situations these attempts trigger the corresponding rules and the firewall program hinders the attempts instantly, after that records detailed details about them in its logs. ModSecurity is among the most effective software firewalls out there and it could easily protect your web apps against a large number of threats and vulnerabilities, especially in case you don’t update them or their plugins frequently.

ModSecurity in Cloud Website Hosting

We provide ModSecurity with all cloud website hosting packages, so your web apps will be resistant to harmful attacks. The firewall is turned on as standard for all domains and subdomains, but in case you'd like, you will be able to stop it through the respective part of your Hepsia Control Panel. You could also switch on a detection mode, so ModSecurity shall keep a log as intended, but won't take any action. The logs that you shall discover within Hepsia are incredibly detailed and offer info about the nature of any attack, when it occurred and from what IP, the firewall rule that was triggered, etcetera. We employ a range of commercial rules that are regularly updated, but sometimes our administrators add custom rules as well in order to efficiently protect the Internet sites hosted on our machines.

ModSecurity in Semi-dedicated Servers

ModSecurity is part of our semi-dedicated server solutions and if you decide to host your websites with our company, there will not be anything special you'll need to do as the firewall is switched on by default for all domains and subdomains that you include via your hosting Control Panel. If needed, you could disable ModSecurity for a certain website or turn on the so-called detection mode in which case the firewall shall still function and record data, but shall not do anything to stop possible attacks against your websites. Comprehensive logs shall be readily available inside your CP and you shall be able to see which kind of attacks occurred, what security rules were triggered and how the firewall dealt with the threats, what Internet protocol addresses the attacks came from, and so forth. We employ two sorts of rules on our servers - commercial ones from a company which operates in the field of web security, and customized ones which our admins often include to respond to newly found risks in a timely manner.

ModSecurity in Dedicated Servers

ModSecurity is included with all dedicated servers which are set up with our Hepsia CP and you will not have to do anything specific on your end to employ it as it is turned on by default every time you include a new domain or subdomain on your hosting server. If it disrupts any of your applications, you'll be able to stop it via the respective area of Hepsia, or you could leave it working in passive mode, so it will detect attacks and will still keep a log for them, but won't prevent them. You can look at the logs later to find out what you can do to increase the security of your sites as you'll find information such as where an intrusion attempt originated from, what Internet site was attacked and in accordance with what rule ModSecurity responded, etc. The rules we employ are commercial, hence they are constantly updated by a security company, but to be on the safe side, our admins also include custom rules occasionally as to react to any new threats they have identified.