ModSecurity is a potent web application layer firewall for Apache web servers. It monitors the entire HTTP traffic to a website without affecting its performance and when it discovers an intrusion attempt, it blocks it. The firewall furthermore maintains a more comprehensive log for the site visitors than any server does, so you will be able to keep track of what's going on with your Internet sites better than if you rely simply on standard logs. ModSecurity employs security rules based on which it stops attacks. For instance, it identifies whether someone is trying to log in to the administrator area of a certain script several times or if a request is sent to execute a file with a specific command. In such situations these attempts trigger the corresponding rules and the firewall software blocks the attempts immediately, then records in-depth details about them in its logs. ModSecurity is one of the most effective software firewalls on the market and it could easily protect your web apps against thousands of threats and vulnerabilities, particularly in case you don’t update them or their plugins frequently.

ModSecurity in Cloud Web Hosting

ModSecurity comes standard with all cloud web hosting packages which we supply and it will be switched on automatically for any domain or subdomain that you add/create inside your Hepsia hosting Control Panel. The firewall has three different modes, so you'll be able to activate and deactivate it with simply a mouse click or set it to detection mode, so it shall maintain a log of all attacks, but it will not do anything to prevent them. The log for each of your sites shall feature detailed info including the nature of the attack, where it came from, what action was taken by ModSecurity, etcetera. The firewall rules we use are regularly updated and include both commercial ones that we get from a third-party security company and custom ones that our system administrators add in case that they detect a new kind of attacks. That way, the sites which you host here will be much more secure without any action expected on your end.

ModSecurity in Dedicated Servers

ModSecurity is provided as standard with all dedicated servers that are set up with the Hepsia CP and is set to “Active” automatically for any domain that you host or subdomain you create on the hosting server. In the event that a web app doesn't operate adequately, you could either turn off the firewall or set it to work in passive mode. The latter means that ModSecurity shall keep a log of any potential attack which may occur, but won't take any action to stop it. The logs produced in passive or active mode will present you with more details about the exact file which was attacked, the nature of the attack and the IP address it came from, etc. This data shall allow you to decide what steps you can take to enhance the protection of your websites, for instance blocking IPs or carrying out script and plugin updates. The ModSecurity rules we employ are updated frequently with a commercial bundle from a third-party security firm we work with, but sometimes our admins include their own rules also when they discover a new potential threat.