ModSecurity is a potent web application layer firewall for Apache web servers. It monitors the whole HTTP traffic to a website without affecting its overall performance and if it detects an intrusion attempt, it prevents it. The firewall also maintains a more comprehensive log for the site visitors than any web server does, so you shall be able to keep an eye on what's happening with your sites better than if you rely merely on conventional logs. ModSecurity uses security rules based on which it prevents attacks. For example, it recognizes whether anyone is attempting to log in to the administrator area of a particular script multiple times or if a request is sent to execute a file with a particular command. In these situations these attempts set off the corresponding rules and the firewall program blocks the attempts instantly, and then records comprehensive details about them inside its logs. ModSecurity is among the very best software firewalls available and it could easily protect your web apps against many threats and vulnerabilities, particularly if you don’t update them or their plugins often.

ModSecurity in Cloud Web Hosting

ModSecurity comes standard with all cloud web hosting packages which we provide and it will be switched on automatically for any domain or subdomain you add/create inside your Hepsia hosting Control Panel. The firewall has three different modes, so you could switch on and deactivate it with a click or set it to detection mode, so it will maintain a log of all attacks, but it will not do anything to prevent them. The log for each of your Internet sites will feature in-depth info which includes the nature of the attack, where it came from, what action was taken by ModSecurity, etc. The firewall rules we use are constantly updated and consist of both commercial ones that we get from a third-party security company and custom ones our system administrators add in the event that they detect a new type of attacks. In this way, the sites that you host here will be way more secure with no action expected on your end.

ModSecurity in Semi-dedicated Hosting

ModSecurity is a part of our semi-dedicated hosting plans and if you decide to host your sites with us, there will not be anything special you'll have to do as the firewall is switched on by default for all domains and subdomains which you include via your hosting Control Panel. If required, you can disable ModSecurity for a particular Internet site or activate the so-called detection mode in which case the firewall will still function and record data, but won't do anything to prevent possible attacks against your Internet sites. Comprehensive logs shall be accessible in your Control Panel and you'll be able to see what type of attacks took place, what security rules were triggered and how the firewall addressed the threats, what Internet protocol addresses the attacks originated from, etcetera. We use 2 kinds of rules on our servers - commercial ones from a business that operates in the field of web security, and custom made ones that our admins often include to respond to newly identified risks promptly.

ModSecurity in Dedicated Hosting

ModSecurity is offered by default with all dedicated servers that are set up with the Hepsia Control Panel and is set to “Active” automatically for any domain you host or subdomain that you create on the web server. In the event that a web app doesn't work adequately, you could either disable the firewall or set it to work in passive mode. The second means that ModSecurity will maintain a log of any potential attack that may happen, but shall not take any action to stop it. The logs generated in active or passive mode will offer you additional details about the exact file which was attacked, the form of the attack and the IP it came from, and so forth. This info will allow you to decide what steps you can take to enhance the safety of your Internet sites, including blocking IPs or performing script and plugin updates. The ModSecurity rules which we employ are updated constantly with a commercial pack from a third-party security firm we work with, but from time to time our staff include their own rules also in the event that they find a new potential threat.