ModSecurity is a potent web app layer firewall for Apache web servers. It monitors the whole HTTP traffic to a site without affecting its overall performance and in case it detects an intrusion attempt, it blocks it. The firewall also keeps a more thorough log for the website visitors than any server does, so you'll manage to monitor what's happening with your Internet sites much better than if you rely merely on standard logs. ModSecurity works with security rules based on which it stops attacks. For instance, it detects whether someone is trying to log in to the admin area of a specific script several times or if a request is sent to execute a file with a particular command. In such situations these attempts set off the corresponding rules and the firewall software blocks the attempts immediately, then records comprehensive info about them inside its logs. ModSecurity is one of the very best software firewalls available and it can easily protect your web apps against thousands of threats and vulnerabilities, especially in case you don’t update them or their plugins frequently.

ModSecurity in Cloud Hosting

ModSecurity comes by default with all cloud hosting packages which we provide and it'll be activated automatically for any domain or subdomain which you add/create inside your Hepsia hosting CP. The firewall has 3 different modes, so you'll be able to activate and disable it with only a mouse click or set it to detection mode, so it shall keep a log of all attacks, but it'll not do anything to prevent them. The log for any of your sites will include in-depth info such as the nature of the attack, where it originated from, what action was taken by ModSecurity, and so forth. The firewall rules we use are frequently updated and incorporate both commercial ones which we get from a third-party security company and custom ones which our system administrators add in the event that they detect a new kind of attacks. That way, the websites that you host here will be a lot more secure without any action required on your end.

ModSecurity in Semi-dedicated Servers

ModSecurity is a part of our semi-dedicated server packages and if you choose to host your sites with our company, there shall not be anything special you will have to do given that the firewall is switched on by default for all domains and subdomains you add via your hosting CP. If necessary, you could disable ModSecurity for a given site or switch on the so-called detection mode in which case the firewall will still work and record information, but will not do anything to prevent potential attacks against your Internet sites. In depth logs will be readily available inside your Control Panel and you shall be able to see which kind of attacks happened, what security rules were triggered and how the firewall dealt with the threats, what IP addresses the attacks originated from, and so on. We employ two sorts of rules on our servers - commercial ones from a company which operates in the field of web security, and customized ones which our admins sometimes include to respond to newly found threats in a timely manner.

ModSecurity in Dedicated Servers

All of our dedicated servers which are set up with the Hepsia hosting Control Panel feature ModSecurity, so any app you upload or set up shall be protected from the very beginning and you'll not need to concern yourself with common attacks or vulnerabilities. An individual section within Hepsia will enable you to start or stop the firewall for each and every domain or subdomain, or switch on a detection mode so that it records information regarding intrusions, but does not take actions to prevent them. What you'll discover in the logs can help you to secure your websites better - the IP an attack came from, what site was attacked and in what way, what ModSecurity rule was triggered, etc. With this data, you could see if a website needs an update, whether you should block IPs from accessing your web server, etc. Besides the third-party commercial security rules for ModSecurity which we use, our administrators include custom ones as well whenever they find a new threat that is not yet in the commercial bundle.