ModSecurity is a powerful web application layer firewall for Apache web servers. It monitors the whole HTTP traffic to a site without affecting its operation and when it detects an intrusion attempt, it prevents it. The firewall additionally maintains a more thorough log for the site visitors than any server does, so you will be able to keep an eye on what's going on with your Internet sites better than if you rely simply on conventional logs. ModSecurity employs security rules based on which it prevents attacks. For instance, it identifies whether someone is trying to log in to the administrator area of a certain script a number of times or if a request is sent to execute a file with a certain command. In these instances these attempts set off the corresponding rules and the software hinders the attempts instantly, after that records in-depth information about them in its logs. ModSecurity is one of the very best software firewalls available and it can easily protect your web applications against thousands of threats and vulnerabilities, particularly if you don’t update them or their plugins frequently.

ModSecurity in Shared Hosting

ModSecurity is offered with each shared hosting solution that we provide and it's activated by default for any domain or subdomain that you add via your Hepsia Control Panel. If it disrupts any of your programs or you would like to disable it for whatever reason, you will be able to accomplish that through the ModSecurity section of Hepsia with only a click. You may also use a passive mode, so the firewall will recognize possible attacks and maintain a log, but shall not take any action. You could view comprehensive logs in the same section, including the IP where the attack originated from, what exactly the attacker tried to do and at what time, what ModSecurity did, etcetera. For maximum security of our customers we use a collection of commercial firewall rules combined with custom ones that are provided by our system admins.

ModSecurity in Dedicated Servers

When you opt to host your websites on a dedicated server with the Hepsia CP, your web programs will be protected right away because ModSecurity is supplied with all Hepsia-based plans. You shall be able to manage the firewall without difficulty and if needed, you shall be able to turn it off or enable its passive mode when it shall only maintain a log of what's taking place without taking any action to stop potential attacks. The logs which you can find inside the very same section of the CP are very detailed and contain data about the attacker IP, what site and file were attacked and in what ways, what rule the firewall used to stop the intrusion, etc. This data will allow you to take measures and improve the security of your sites even more. To be on the safe side, we use not only commercial rules, but also custom-made ones which our admins add when they identify attacks that haven't yet been included within the commercial pack.