ModSecurity is a potent web app layer firewall for Apache web servers. It monitors the whole HTTP traffic to an Internet site without affecting its operation and in case it discovers an intrusion attempt, it blocks it. The firewall also keeps a more comprehensive log for the traffic than any server does, so you will be able to keep an eye on what is going on with your websites a lot better than if you rely merely on standard logs. ModSecurity uses security rules based on which it stops attacks. For example, it recognizes whether someone is attempting to log in to the administration area of a given script several times or if a request is sent to execute a file with a certain command. In these cases these attempts set off the corresponding rules and the software blocks the attempts right away, and then records in-depth details about them within its logs. ModSecurity is among the best software firewalls available and it can protect your web apps against a large number of threats and vulnerabilities, particularly if you don’t update them or their plugins often.

ModSecurity in Web Hosting

ModSecurity can be found with each web hosting plan that we offer and it is activated by default for any domain or subdomain that you include via your Hepsia Control Panel. In case it disrupts any of your apps or you would like to disable it for some reason, you'll be able to do this through the ModSecurity area of Hepsia with just a mouse click. You could also activate a passive mode, so the firewall will discover potential attacks and maintain a log, but will not take any action. You could view comprehensive logs in the exact same section, including the IP address where the attack originated from, exactly what the attacker attempted to do and at what time, what ModSecurity did, etc. For max security of our customers we use a group of commercial firewall rules combined with custom ones that are provided by our system admins.

ModSecurity in Dedicated Servers

ModSecurity is included with all dedicated servers that are integrated with our Hepsia Control Panel and you'll not have to do anything specific on your end to use it as it is turned on by default each time you add a new domain or subdomain on your server. If it interferes with any of your applications, you shall be able to stop it via the respective section of Hepsia, or you can leave it working in passive mode, so it shall detect attacks and shall still keep a log for them, but shall not prevent them. You can examine the logs later to learn what you can do to improve the protection of your sites since you shall find information such as where an intrusion attempt originated from, what site was attacked and in accordance with what rule ModSecurity responded, and so forth. The rules we employ are commercial, thus they're frequently updated by a security provider, but to be on the safe side, our admins also include custom rules occasionally as to deal with any new threats they have discovered.