ModSecurity is a potent web app layer firewall for Apache web servers. It monitors the entire HTTP traffic to a website without affecting its operation and in case it detects an intrusion attempt, it prevents it. The firewall additionally maintains a more thorough log for the traffic than any web server does, so you shall be able to keep track of what's happening with your websites much better than if you rely only on conventional logs. ModSecurity uses security rules based on which it stops attacks. For instance, it detects whether anyone is trying to log in to the administration area of a specific script multiple times or if a request is sent to execute a file with a particular command. In such situations these attempts trigger the corresponding rules and the software hinders the attempts instantly, and then records in-depth details about them within its logs. ModSecurity is one of the most effective software firewalls on the market and it could easily protect your web apps against a large number of threats and vulnerabilities, especially in case you don’t update them or their plugins frequently.

ModSecurity in Shared Website Hosting

ModSecurity is supplied with all shared website hosting web servers, so if you choose to host your Internet sites with our business, they will be shielded from an array of attacks. The firewall is turned on by default for all domains and subdomains, so there'll be nothing you will need to do on your end. You'll be able to stop ModSecurity for any website if required, or to activate a detection mode, so all activity will be recorded, but the firewall shall not take any real action. You will be able to view comprehensive logs via your Hepsia Control Panel including the IP address where the attack originated from, what the attacker wanted to do and how ModSecurity dealt with the threat. Since we take the security of our clients' sites seriously, we employ a group of commercial rules which we take from one of the top firms that maintain this type of rules. Our admins also add custom rules to make certain that your websites shall be shielded from as many threats as possible.

ModSecurity in Dedicated Servers

ModSecurity is included with all dedicated servers which are set up with our Hepsia Control Panel and you will not have to do anything specific on your end to use it as it's enabled by default each time you add a new domain or subdomain on your server. In the event that it interferes with some of your apps, you'll be able to stop it via the respective area of Hepsia, or you may leave it operating in passive mode, so it will recognize attacks and shall still maintain a log for them, but shall not block them. You may look at the logs later to determine what you can do to enhance the security of your Internet sites since you shall find details such as where an intrusion attempt came from, what Internet site was attacked and based upon what rule ModSecurity responded, and so forth. The rules we employ are commercial, hence they're regularly updated by a security provider, but to be on the safe side, our staff also add custom rules every now and then in order to react to any new threats they have found.