ModSecurity is a potent web app layer firewall for Apache web servers. It monitors the whole HTTP traffic to a website without affecting its operation and in case it detects an intrusion attempt, it prevents it. The firewall also maintains a more detailed log for the website visitors than any web server does, so you'll manage to keep an eye on what is happening with your sites a lot better than if you rely simply on conventional logs. ModSecurity works with security rules based on which it prevents attacks. For example, it detects whether someone is trying to log in to the admin area of a particular script multiple times or if a request is sent to execute a file with a specific command. In these cases these attempts set off the corresponding rules and the firewall program blocks the attempts in real time, and then records comprehensive information about them in its logs. ModSecurity is among the best software firewalls on the market and it can easily protect your web applications against a huge number of threats and vulnerabilities, especially if you don’t update them or their plugins often.

ModSecurity in Web Hosting

ModSecurity comes standard with all web hosting plans which we offer and it'll be switched on automatically for any domain or subdomain which you add/create in your Hepsia hosting CP. The firewall has 3 different modes, so you could activate and disable it with a mouse click or set it to detection mode, so it shall maintain a log of all attacks, but it shall not do anything to stop them. The log for any of your sites shall contain detailed information including the nature of the attack, where it came from, what action was taken by ModSecurity, and so forth. The firewall rules which we use are regularly updated and consist of both commercial ones we get from a third-party security firm and custom ones our system administrators include in the event that they detect a new kind of attacks. That way, the websites which you host here shall be much more protected without any action required on your end.

ModSecurity in Dedicated Servers

All our dedicated servers that are set up with the Hepsia hosting CP include ModSecurity, so any app which you upload or install shall be protected from the very beginning and you'll not have to bother about common attacks or vulnerabilities. An independent section in Hepsia will permit you to start or stop the firewall for each domain or subdomain, or switch on a detection mode so that it records details about intrusions, but does not take actions to stop them. What you'll find in the logs shall enable you to to secure your sites better - the IP address an attack originated from, what website was attacked and exactly how, what ModSecurity rule was triggered, and so forth. With this information, you can see whether a site needs an update, if you should block IPs from accessing your server, and so forth. Aside from the third-party commercial security rules for ModSecurity that we use, our administrators include custom ones as well when they discover a new threat that is not yet included in the commercial bundle.