ModSecurity is a powerful web app layer firewall for Apache web servers. It monitors the whole HTTP traffic to a website without affecting its overall performance and when it detects an intrusion attempt, it prevents it. The firewall additionally maintains a more comprehensive log for the site visitors than any web server does, so you shall manage to keep an eye on what's going on with your Internet sites much better than if you rely merely on conventional logs. ModSecurity uses security rules based on which it stops attacks. For example, it detects if anyone is attempting to log in to the admin area of a particular script several times or if a request is sent to execute a file with a particular command. In such cases these attempts set off the corresponding rules and the software blocks the attempts instantly, and then records comprehensive info about them inside its logs. ModSecurity is one of the most effective software firewalls available and it could easily protect your web apps against many threats and vulnerabilities, especially if you don’t update them or their plugins regularly.

ModSecurity in Shared Hosting

ModSecurity is provided with all shared hosting machines, so if you decide to host your sites with our business, they'll be protected against a wide array of attacks. The firewall is turned on by default for all domains and subdomains, so there will be nothing you will have to do on your end. You'll be able to stop ModSecurity for any site if needed, or to switch on a detection mode, so that all activity will be recorded, but the firewall will not take any real action. You'll be able to view detailed logs using your Hepsia Control Panel including the IP where the attack came from, what the attacker planned to do and how ModSecurity dealt with the threat. Since we take the safety of our customers' sites very seriously, we employ a group of commercial rules which we take from one of the leading firms that maintain this type of rules. Our administrators also include custom rules to make sure that your websites will be resistant to as many threats as possible.

ModSecurity in Dedicated Hosting

ModSecurity comes with all dedicated servers which are integrated with our Hepsia Control Panel and you won't need to do anything specific on your end to employ it as it's turned on by default every time you include a new domain or subdomain on your web server. In the event that it interferes with any of your apps, you shall be able to stop it via the respective area of Hepsia, or you can leave it in passive mode, so it will identify attacks and will still maintain a log for them, but shall not prevent them. You may look at the logs later to learn what you can do to improve the security of your Internet sites since you shall find details such as where an intrusion attempt originated from, what website was attacked and based upon what rule ModSecurity reacted, etcetera. The rules we employ are commercial, thus they're regularly updated by a security company, but to be on the safe side, our administrators also add custom rules from time to time in order to deal with any new threats they have found.