ModSecurity is a powerful web application layer firewall for Apache web servers. It monitors the entire HTTP traffic to a site without affecting its performance and in case it discovers an intrusion attempt, it blocks it. The firewall furthermore maintains a more comprehensive log for the website visitors than any server does, so you shall be able to keep an eye on what's happening with your Internet sites better than if you rely simply on standard logs. ModSecurity uses security rules based on which it stops attacks. For instance, it identifies whether somebody is trying to log in to the administration area of a specific script several times or if a request is sent to execute a file with a specific command. In such cases these attempts trigger the corresponding rules and the software hinders the attempts immediately, then records comprehensive details about them in its logs. ModSecurity is among the most effective software firewalls out there and it can easily protect your web applications against a huge number of threats and vulnerabilities, especially in case you don’t update them or their plugins regularly.

ModSecurity in Website Hosting

ModSecurity comes by default with all website hosting plans which we supply and it'll be switched on automatically for any domain or subdomain you add/create within your Hepsia hosting Control Panel. The firewall has 3 different modes, so you'll be able to switch on and deactivate it with only a click or set it to detection mode, so it shall keep a log of all attacks, but it will not do anything to stop them. The log for any of your sites shall feature detailed information such as the nature of the attack, where it came from, what action was taken by ModSecurity, and so on. The firewall rules we use are frequently updated and comprise of both commercial ones that we get from a third-party security business and custom ones our system admins include in case that they detect a new type of attacks. This way, the websites that you host here will be a lot more protected without any action needed on your end.

ModSecurity in Semi-dedicated Servers

We have incorporated ModSecurity by default within all semi-dedicated server products, so your web apps will be protected the instant you install them under any domain or subdomain. The Hepsia Control Panel that comes with the semi-dedicated accounts will permit you to switch on or turn off the firewall for any site with a mouse click. You'll also be able to switch on a passive detection mode through which ModSecurity will keep a log of potential attacks without really preventing them. The thorough logs include things like the nature of the attack and what ModSecurity response that attack caused, where it originated from, and so on. The list of rules we use is regularly updated as to match any new threats which could appear on the Internet and it comes with both commercial rules that we get from a security business and custom-written ones which our admins include in the event that they discover a threat that's not present in the commercial list yet.