ModSecurity is a potent web app layer firewall for Apache web servers. It monitors the entire HTTP traffic to a website without affecting its operation and if it detects an intrusion attempt, it prevents it. The firewall also keeps a more thorough log for the website visitors than any server does, so you'll manage to keep an eye on what is going on with your sites better than if you rely only on standard logs. ModSecurity uses security rules based on which it prevents attacks. For example, it recognizes if somebody is trying to log in to the administration area of a certain script a number of times or if a request is sent to execute a file with a specific command. In these situations these attempts trigger the corresponding rules and the software blocks the attempts immediately, then records comprehensive details about them in its logs. ModSecurity is amongst the most effective software firewalls available and it could easily protect your web applications against thousands of threats and vulnerabilities, especially in case you don’t update them or their plugins frequently.

ModSecurity in Web Hosting

We offer ModSecurity with all web hosting solutions, so your web applications shall be shielded from malicious attacks. The firewall is activated as standard for all domains and subdomains, but in case you'd like, you shall be able to stop it via the respective area of your Hepsia Control Panel. You can also activate a detection mode, so ModSecurity will keep a log as intended, but will not take any action. The logs that you will discover in Hepsia are quite detailed and offer info about the nature of any attack, when it took place and from what IP address, the firewall rule that was triggered, etc. We use a group of commercial rules that are frequently updated, but sometimes our administrators add custom rules as well in order to better protect the sites hosted on our servers.

ModSecurity in Dedicated Web Hosting

ModSecurity is offered as standard with all dedicated servers which are set up with the Hepsia Control Panel and is set to “Active” automatically for any domain you host or subdomain you create on the hosting server. Just in case that a web app does not function adequately, you may either switch off the firewall or set it to work in passive mode. The second means that ModSecurity will maintain a log of any potential attack which could happen, but will not take any action to prevent it. The logs generated in active or passive mode will provide you with additional details about the exact file that was attacked, the form of the attack and the IP address it originated from, etc. This data will allow you to determine what steps you can take to enhance the protection of your Internet sites, including blocking IPs or carrying out script and plugin updates. The ModSecurity rules we employ are updated often with a commercial package from a third-party security provider we work with, but sometimes our staff add their own rules as well in case they find a new potential threat.