ModSecurity is a highly effective web app layer firewall for Apache web servers. It monitors the entire HTTP traffic to a website without affecting its functionality and if it discovers an intrusion attempt, it prevents it. The firewall furthermore keeps a more thorough log for the site visitors than any server does, so you shall manage to keep track of what's going on with your sites better than if you rely simply on conventional logs. ModSecurity works with security rules based on which it stops attacks. For instance, it detects if someone is trying to log in to the admin area of a certain script several times or if a request is sent to execute a file with a specific command. In such cases these attempts trigger the corresponding rules and the firewall program hinders the attempts right away, after that records comprehensive details about them inside its logs. ModSecurity is among the very best software firewalls available and it can protect your web apps against a large number of threats and vulnerabilities, particularly if you don’t update them or their plugins often.

ModSecurity in Cloud Website Hosting

ModSecurity comes standard with all cloud website hosting solutions that we supply and it will be switched on automatically for any domain or subdomain that you add/create inside your Hepsia hosting CP. The firewall has three different modes, so you'll be able to switch on and deactivate it with only a click or set it to detection mode, so it shall keep a log of all attacks, but it will not do anything to stop them. The log for each of your websites shall feature in-depth info including the nature of the attack, where it came from, what action was taken by ModSecurity, etcetera. The firewall rules that we use are regularly updated and incorporate both commercial ones that we get from a third-party security company and custom ones that our system admins include in case that they detect a new type of attacks. This way, the Internet sites you host here shall be far more secure with no action expected on your end.

ModSecurity in Dedicated Servers

ModSecurity is provided by default with all dedicated servers that are set up with the Hepsia CP and is set to “Active” automatically for any domain you host or subdomain that you create on the hosting server. In case that a web app doesn't function adequately, you can either disable the firewall or set it to operate in passive mode. The latter means that ModSecurity will maintain a log of any potential attack which might occur, but won't take any action to prevent it. The logs produced in active or passive mode will offer you more details about the exact file that was attacked, the nature of the attack and the IP it originated from, and so forth. This info will allow you to decide what measures you can take to improve the protection of your Internet sites, including blocking IPs or performing script and plugin updates. The ModSecurity rules which we employ are updated constantly with a commercial bundle from a third-party security enterprise we work with, but from time to time our administrators add their own rules as well when they find a new potential threat.