ModSecurity is a potent web app layer firewall for Apache web servers. It monitors the entire HTTP traffic to an Internet site without affecting its overall performance and if it identifies an intrusion attempt, it blocks it. The firewall also maintains a more comprehensive log for the site visitors than any web server does, so you will be able to monitor what's going on with your Internet sites better than if you rely only on conventional logs. ModSecurity employs security rules based on which it stops attacks. For instance, it identifies whether anyone is trying to log in to the admin area of a certain script several times or if a request is sent to execute a file with a particular command. In these circumstances these attempts trigger the corresponding rules and the firewall program blocks the attempts in real time, then records comprehensive info about them inside its logs. ModSecurity is among the very best software firewalls out there and it can protect your web applications against thousands of threats and vulnerabilities, especially if you don’t update them or their plugins often.

ModSecurity in Shared Web Hosting

ModSecurity is available with every shared web hosting solution which we provide and it's turned on by default for every domain or subdomain which you add via your Hepsia Control Panel. In case it interferes with any of your apps or you would like to disable it for whatever reason, you shall be able to do this through the ModSecurity section of Hepsia with only a mouse click. You can also activate a passive mode, so the firewall will detect potential attacks and keep a log, but will not take any action. You'll be able to view detailed logs in the very same section, including the IP address where the attack came from, what exactly the attacker aimed to do and at what time, what ModSecurity did, etc. For max safety of our customers we use a group of commercial firewall rules combined with custom ones which are included by our system admins.

ModSecurity in Dedicated Hosting

ModSecurity comes with all dedicated servers which are set up with our Hepsia CP and you'll not have to do anything specific on your end to employ it as it is switched on by default every time you add a new domain or subdomain on your server. In the event that it disrupts any of your programs, you'll be able to stop it through the respective section of Hepsia, or you may leave it in passive mode, so it shall detect attacks and will still keep a log for them, but shall not stop them. You may look at the logs later to learn what you can do to boost the protection of your sites as you will find details such as where an intrusion attempt originated from, what Internet site was attacked and based on what rule ModSecurity responded, etc. The rules that we use are commercial, hence they are regularly updated by a security firm, but to be on the safe side, our administrators also include custom rules occasionally as to deal with any new threats they have discovered.