ModSecurity is a highly effective web application layer firewall for Apache web servers. It monitors the entire HTTP traffic to a website without affecting its operation and if it identifies an intrusion attempt, it prevents it. The firewall also keeps a more detailed log for the traffic than any web server does, so you'll manage to keep track of what's happening with your Internet sites better than if you rely only on standard logs. ModSecurity works with security rules based on which it prevents attacks. For instance, it recognizes whether somebody is trying to log in to the administrator area of a certain script multiple times or if a request is sent to execute a file with a certain command. In these cases these attempts trigger the corresponding rules and the firewall software hinders the attempts instantly, then records comprehensive info about them inside its logs. ModSecurity is among the best software firewalls available and it can protect your web applications against many threats and vulnerabilities, especially if you don’t update them or their plugins often.

ModSecurity in Cloud Web Hosting

ModSecurity can be found with each cloud web hosting solution that we offer and it's turned on by default for every domain or subdomain which you include via your Hepsia CP. In the event that it interferes with any of your programs or you'd like to disable it for whatever reason, you will be able to achieve that through the ModSecurity section of Hepsia with just a mouse click. You may also activate a passive mode, so the firewall will discover possible attacks and maintain a log, but won't take any action. You can see detailed logs in the same section, including the IP where the attack came from, exactly what the attacker tried to do and at what time, what ModSecurity did, and so forth. For optimum security of our clients we use a set of commercial firewall rules blended with custom ones that are provided by our system administrators.

ModSecurity in Dedicated Web Hosting

ModSecurity is available by default with all dedicated servers that are set up with the Hepsia Control Panel and is set to “Active” automatically for any domain which you host or subdomain you create on the web server. In the event that a web app doesn't operate adequately, you may either disable the firewall or set it to function in passive mode. The latter means that ModSecurity will keep a log of any possible attack which could take place, but will not take any action to prevent it. The logs produced in active or passive mode will provide you with additional details about the exact file that was attacked, the type of the attack and the IP it came from, and so forth. This information will permit you to determine what actions you can take to boost the protection of your sites, such as blocking IPs or performing script and plugin updates. The ModSecurity rules which we employ are updated regularly with a commercial pack from a third-party security company we work with, but oftentimes our admins include their own rules also when they identify a new potential threat.