ModSecurity is a highly effective web app layer firewall for Apache web servers. It monitors the entire HTTP traffic to a website without affecting its performance and if it identifies an intrusion attempt, it blocks it. The firewall furthermore maintains a more thorough log for the website visitors than any web server does, so you will manage to monitor what's going on with your websites much better than if you rely merely on standard logs. ModSecurity uses security rules based on which it helps prevent attacks. For instance, it identifies whether someone is attempting to log in to the administrator area of a specific script multiple times or if a request is sent to execute a file with a specific command. In these cases these attempts trigger the corresponding rules and the firewall software blocks the attempts in real time, after that records comprehensive info about them in its logs. ModSecurity is among the best software firewalls out there and it can protect your web applications against thousands of threats and vulnerabilities, particularly in case you don’t update them or their plugins frequently.

ModSecurity in Shared Hosting

ModSecurity comes standard with all shared hosting plans which we provide and it will be switched on automatically for any domain or subdomain that you add/create inside your Hepsia hosting Control Panel. The firewall has 3 different modes, so you could switch on and deactivate it with only a mouse click or set it to detection mode, so it will keep a log of all attacks, but it will not do anything to stop them. The log for each of your Internet sites will feature detailed info including the nature of the attack, where it came from, what action was taken by ModSecurity, etcetera. The firewall rules which we use are regularly updated and incorporate both commercial ones which we get from a third-party security company and custom ones our system administrators add in the event that they detect a new type of attacks. In this way, the Internet sites which you host here shall be a lot more protected with no action needed on your end.

ModSecurity in Semi-dedicated Hosting

ModSecurity is part of our semi-dedicated hosting solutions and if you opt to host your websites with our company, there won't be anything special you'll have to do given that the firewall is switched on by default for all domains and subdomains which you add using your hosting Control Panel. If necessary, you can disable ModSecurity for a given Internet site or switch on the so-called detection mode in which case the firewall shall still operate and record data, but won't do anything to prevent possible attacks against your sites. Comprehensive logs shall be accessible inside your CP and you shall be able to see which kind of attacks took place, what security rules were triggered and how the firewall addressed the threats, what Internet protocol addresses the attacks came from, etcetera. We use two kinds of rules on our servers - commercial ones from a firm that operates in the field of web security, and customized ones which our administrators often add to respond to newly identified threats promptly.

ModSecurity in Dedicated Servers Hosting

ModSecurity is available as standard with all dedicated servers that are set up with the Hepsia CP and is set to “Active” automatically for any domain that you host or subdomain you create on the web server. In the event that a web app does not work correctly, you can either turn off the firewall or set it to operate in passive mode. The latter means that ModSecurity will maintain a log of any potential attack which could occur, but shall not take any action to stop it. The logs generated in passive or active mode will give you more details about the exact file which was attacked, the type of the attack and the IP it originated from, and so on. This information shall allow you to decide what measures you can take to increase the safety of your websites, for instance blocking IPs or performing script and plugin updates. The ModSecurity rules which we employ are updated constantly with a commercial pack from a third-party security company we work with, but occasionally our staff add their own rules too in the event that they identify a new potential threat.