ModSecurity is a potent web app layer firewall for Apache web servers. It monitors the entire HTTP traffic to a site without affecting its performance and when it identifies an intrusion attempt, it blocks it. The firewall furthermore maintains a more comprehensive log for the website visitors than any web server does, so you shall manage to keep an eye on what is happening with your sites much better than if you rely merely on standard logs. ModSecurity uses security rules based on which it stops attacks. For instance, it detects if somebody is trying to log in to the administration area of a specific script a number of times or if a request is sent to execute a file with a particular command. In these circumstances these attempts trigger the corresponding rules and the firewall program blocks the attempts instantly, and then records in-depth information about them within its logs. ModSecurity is amongst the best software firewalls on the market and it can easily protect your web apps against a large number of threats and vulnerabilities, especially if you don’t update them or their plugins regularly.

ModSecurity in Shared Website Hosting

ModSecurity is provided with all shared website hosting servers, so if you opt to host your Internet sites with our business, they shall be resistant to an array of attacks. The firewall is enabled as standard for all domains and subdomains, so there'll be nothing you'll have to do on your end. You will be able to stop ModSecurity for any Internet site if needed, or to activate a detection mode, so all activity will be recorded, but the firewall shall not take any real action. You will be able to view comprehensive logs via your Hepsia Control Panel including the IP address where the attack came from, what the attacker planned to do and how ModSecurity addressed the threat. Since we take the safety of our clients' websites seriously, we use a selection of commercial rules which we take from one of the top companies which maintain such rules. Our admins also include custom rules to make certain that your sites will be shielded from as many risks as possible.

ModSecurity in Semi-dedicated Servers

ModSecurity is part of our semi-dedicated server solutions and if you choose to host your Internet sites with us, there shall not be anything special you'll have to do given that the firewall is switched on by default for all domains and subdomains that you include via your hosting Control Panel. If required, you'll be able to disable ModSecurity for a certain website or switch on the so-called detection mode in which case the firewall will still function and record data, but shall not do anything to stop potential attacks on your websites. Detailed logs shall be available within your Control Panel and you shall be able to see which kind of attacks occurred, what security rules were triggered and how the firewall dealt with the threats, what Internet protocol addresses the attacks came from, etc. We employ two kinds of rules on our servers - commercial ones from a business that operates in the field of web security, and custom ones that our admins often add to respond to newly identified threats in a timely manner.

ModSecurity in Dedicated Servers

ModSecurity is provided with all dedicated servers which are set up with our Hepsia CP and you'll not have to do anything specific on your end to employ it since it is switched on by default whenever you add a new domain or subdomain on your server. In the event that it interferes with any of your applications, you will be able to stop it via the respective area of Hepsia, or you can leave it operating in passive mode, so it shall recognize attacks and shall still keep a log for them, but shall not block them. You could examine the logs later to find out what you can do to enhance the security of your websites since you'll find details such as where an intrusion attempt originated from, what site was attacked and based upon what rule ModSecurity responded, and so forth. The rules which we use are commercial, thus they are regularly updated by a security provider, but to be on the safe side, our admins also add custom rules every now and then as to respond to any new threats they have found.