ModSecurity is a highly effective web application layer firewall for Apache web servers. It monitors the entire HTTP traffic to a website without affecting its functionality and if it identifies an intrusion attempt, it prevents it. The firewall also keeps a more detailed log for the website visitors than any server does, so you will manage to monitor what is happening with your Internet sites much better than if you rely merely on standard logs. ModSecurity employs security rules based on which it helps prevent attacks. For example, it identifies whether anyone is attempting to log in to the admin area of a certain script multiple times or if a request is sent to execute a file with a certain command. In such cases these attempts set off the corresponding rules and the software blocks the attempts instantly, after that records detailed details about them inside its logs. ModSecurity is among the very best software firewalls out there and it could easily protect your web apps against thousands of threats and vulnerabilities, especially in case you don’t update them or their plugins often.

ModSecurity in Shared Web Hosting

ModSecurity comes standard with all shared web hosting solutions which we supply and it shall be turned on automatically for any domain or subdomain that you add/create within your Hepsia hosting CP. The firewall has 3 different modes, so you could switch on and disable it with simply a click or set it to detection mode, so it'll keep a log of all attacks, but it will not do anything to stop them. The log for any of your sites will contain in-depth information such as the nature of the attack, where it originated from, what action was taken by ModSecurity, and so forth. The firewall rules that we use are regularly updated and include both commercial ones we get from a third-party security business and custom ones that our system admins add in the event that they detect a new sort of attacks. That way, the Internet sites you host here shall be much more protected with no action expected on your end.

ModSecurity in Semi-dedicated Hosting

All semi-dedicated hosting plans which we offer include ModSecurity and since the firewall is enabled by default, any website you create under a domain or a subdomain shall be protected straight away. A separate section inside the Hepsia CP which comes with the semi-dedicated accounts is devoted to ModSecurity and it will permit you to start and stop the firewall for any Internet site or enable a detection mode. With the latter, ModSecurity will not take any action, but it'll still identify possible attacks and will keep all data within a log as if it were 100% active. The logs can be found inside the exact same section of the CP and they feature info about the IP where an attack originated from, what its nature was, what rule ModSecurity applies to recognize and stop it, etc. The security rules which we use on our machines are a mix of commercial ones from a security business and custom ones made by our system administrators. As a result, we provide greater security for your web programs as we can defend them from attacks even before security corporations release updates for brand new threats.

ModSecurity in Dedicated Web Hosting

ModSecurity is available by default with all dedicated servers which are set up with the Hepsia Control Panel and is set to “Active” automatically for any domain which you host or subdomain you create on the hosting server. Just in case that a web application doesn't function adequately, you can either switch off the firewall or set it to work in passive mode. The latter means that ModSecurity will keep a log of any potential attack that could occur, but shall not take any action to stop it. The logs generated in passive or active mode shall present you with additional details about the exact file that was attacked, the nature of the attack and the IP address it originated from, and so forth. This data will enable you to decide what steps you can take to increase the protection of your sites, including blocking IPs or carrying out script and plugin updates. The ModSecurity rules that we employ are updated often with a commercial bundle from a third-party security enterprise we work with, but occasionally our staff add their own rules as well when they discover a new potential threat.