ModSecurity is a highly effective web application layer firewall for Apache web servers. It monitors the entire HTTP traffic to an Internet site without affecting its performance and in case it detects an intrusion attempt, it prevents it. The firewall additionally maintains a more detailed log for the traffic than any web server does, so you shall be able to monitor what's happening with your Internet sites much better than if you rely merely on standard logs. ModSecurity employs security rules based on which it helps prevent attacks. For instance, it recognizes if someone is attempting to log in to the administration area of a specific script multiple times or if a request is sent to execute a file with a certain command. In these circumstances these attempts trigger the corresponding rules and the firewall program hinders the attempts right away, after that records comprehensive info about them in its logs. ModSecurity is among the most effective software firewalls on the market and it can easily protect your web applications against a huge number of threats and vulnerabilities, particularly if you don’t update them or their plugins frequently.

ModSecurity in Shared Website Hosting

We offer ModSecurity with all shared website hosting plans, so your Internet apps shall be resistant to destructive attacks. The firewall is turned on as standard for all domains and subdomains, but if you'd like, you will be able to stop it via the respective area of your Hepsia Control Panel. You'll be able to also activate a detection mode, so ModSecurity will keep a log as intended, but shall not take any action. The logs which you'll discover within Hepsia are extremely detailed and feature information about the nature of any attack, when it transpired and from what IP address, the firewall rule that was triggered, and so on. We use a set of commercial rules that are often updated, but sometimes our administrators include custom rules as well so as to efficiently protect the websites hosted on our machines.

ModSecurity in Dedicated Servers

If you opt to host your websites on a dedicated server with the Hepsia CP, your web apps will be protected straight away because ModSecurity is available with all Hepsia-based solutions. You'll be able to manage the firewall with ease and if needed, you shall be able to turn it off or enable its passive mode when it will only maintain a log of what is taking place without taking any action to prevent potential attacks. The logs which you'll find in the same section of the CP are really detailed and include information about the attacker IP address, what site and file were attacked and in what way, what rule the firewall employed to prevent the intrusion, etcetera. This information will permit you to take measures and increase the security of your sites even more. To be on the safe side, we employ not only commercial rules, but also custom-made ones that our admins include every time they detect attacks which have not yet been included inside the commercial pack.