ModSecurity is a powerful web application layer firewall for Apache web servers. It monitors the whole HTTP traffic to a website without affecting its performance and in case it discovers an intrusion attempt, it prevents it. The firewall also keeps a more detailed log for the website visitors than any server does, so you shall manage to monitor what is going on with your sites better than if you rely merely on conventional logs. ModSecurity works with security rules based on which it helps prevent attacks. For example, it detects whether anyone is trying to log in to the administrator area of a particular script a number of times or if a request is sent to execute a file with a certain command. In such cases these attempts trigger the corresponding rules and the software hinders the attempts immediately, and then records comprehensive info about them inside its logs. ModSecurity is amongst the best software firewalls available and it could easily protect your web applications against thousands of threats and vulnerabilities, especially in case you don’t update them or their plugins frequently.

ModSecurity in Cloud Web Hosting

ModSecurity comes by default with all cloud web hosting plans that we supply and it shall be activated automatically for any domain or subdomain that you add/create inside your Hepsia hosting CP. The firewall has 3 different modes, so you can activate and disable it with a click or set it to detection mode, so it will keep a log of all attacks, but it'll not do anything to stop them. The log for any of your websites shall feature comprehensive info including the nature of the attack, where it came from, what action was taken by ModSecurity, and so on. The firewall rules we use are regularly updated and incorporate both commercial ones that we get from a third-party security firm and custom ones which our system administrators add in the event that they detect a new type of attacks. This way, the Internet sites which you host here shall be way more secure with no action required on your end.

ModSecurity in Dedicated Web Hosting

All our dedicated servers which are installed with the Hepsia hosting Control Panel feature ModSecurity, so any program which you upload or install will be secured from the very beginning and you won't have to stress about common attacks or vulnerabilities. An individual section within Hepsia will allow you to start or stop the firewall for every domain or subdomain, or turn on a detection mode so that it records information about intrusions, but doesn't take actions to stop them. What you'll see in the logs can easily help you to secure your Internet sites better - the IP an attack originated from, what website was attacked and how, what ModSecurity rule was triggered, etcetera. With this data, you'll be able to see whether an Internet site needs an update, whether you should block IPs from accessing your server, and so on. Besides the third-party commercial security rules for ModSecurity which we use, our administrators include custom ones too when they discover a new threat that is not yet in the commercial bundle.