ModSecurity is a highly effective web app layer firewall for Apache web servers. It monitors the entire HTTP traffic to a site without affecting its performance and when it discovers an intrusion attempt, it blocks it. The firewall also maintains a more thorough log for the site visitors than any web server does, so you will manage to keep track of what's going on with your Internet sites much better than if you rely only on conventional logs. ModSecurity works with security rules based on which it helps prevent attacks. For example, it recognizes if someone is attempting to log in to the admin area of a certain script multiple times or if a request is sent to execute a file with a certain command. In these instances these attempts trigger the corresponding rules and the firewall software hinders the attempts immediately, then records in-depth details about them within its logs. ModSecurity is amongst the very best software firewalls on the market and it could easily protect your web apps against many threats and vulnerabilities, especially if you don’t update them or their plugins often.

ModSecurity in Web Hosting

ModSecurity is available with each and every web hosting package that we provide and it is activated by default for any domain or subdomain which you add through your Hepsia Control Panel. In the event that it disrupts any of your applications or you'd like to disable it for any reason, you shall be able to achieve that through the ModSecurity area of Hepsia with merely a click. You may also use a passive mode, so the firewall will detect potential attacks and maintain a log, but will not take any action. You'll be able to view extensive logs in the exact same section, including the IP address where the attack came from, exactly what the attacker aimed to do and at what time, what ModSecurity did, and so forth. For optimum protection of our clients we use a set of commercial firewall rules blended with custom ones which are provided by our system administrators.

ModSecurity in Dedicated Servers Hosting

ModSecurity is provided by default with all dedicated servers which are set up with the Hepsia Control Panel and is set to “Active” automatically for any domain which you host or subdomain you create on the server. In case that a web app doesn't work correctly, you may either turn off the firewall or set it to operate in passive mode. The second means that ModSecurity will maintain a log of any possible attack which could take place, but shall not take any action to prevent it. The logs created in passive or active mode will give you more details about the exact file that was attacked, the type of the attack and the IP address it came from, and so on. This info will enable you to determine what measures you can take to improve the safety of your websites, including blocking IPs or carrying out script and plugin updates. The ModSecurity rules we use are updated often with a commercial bundle from a third-party security enterprise we work with, but oftentimes our administrators include their own rules also in case they discover a new potential threat.