ModSecurity is a highly effective web app layer firewall for Apache web servers. It monitors the whole HTTP traffic to an Internet site without affecting its overall performance and in case it identifies an intrusion attempt, it blocks it. The firewall additionally keeps a more detailed log for the traffic than any server does, so you will manage to monitor what is going on with your websites a lot better than if you rely merely on conventional logs. ModSecurity uses security rules based on which it prevents attacks. For example, it detects whether anyone is attempting to log in to the administration area of a given script several times or if a request is sent to execute a file with a specific command. In such instances these attempts trigger the corresponding rules and the software hinders the attempts instantly, after that records comprehensive information about them in its logs. ModSecurity is one of the most effective software firewalls available and it can easily protect your web applications against a large number of threats and vulnerabilities, especially in case you don’t update them or their plugins frequently.

ModSecurity in Shared Hosting

ModSecurity comes by default with all shared hosting solutions which we provide and it'll be switched on automatically for any domain or subdomain that you add/create within your Hepsia hosting Control Panel. The firewall has 3 different modes, so you could activate and disable it with simply a mouse click or set it to detection mode, so it'll keep a log of all attacks, but it shall not do anything to prevent them. The log for each of your sites will include detailed info such as the nature of the attack, where it originated from, what action was taken by ModSecurity, etc. The firewall rules we use are frequently updated and incorporate both commercial ones that we get from a third-party security company and custom ones which our system admins add in the event that they detect a new type of attacks. In this way, the websites that you host here shall be much more secure with no action needed on your end.

ModSecurity in Semi-dedicated Servers

All semi-dedicated server solutions which we offer come with ModSecurity and because the firewall is turned on by default, any Internet site that you create under a domain or a subdomain shall be protected right from the start. An independent section in the Hepsia CP that comes with the semi-dedicated accounts is devoted to ModSecurity and it'll allow you to stop and start the firewall for any website or activate a detection mode. With the latter, ModSecurity shall not take any action, but it shall still detect possible attacks and will keep all information in a log as if it were 100% active. The logs can be found in the same section of the Control Panel and they feature details about the IP where an attack came from, what its nature was, what rule ModSecurity applies to recognize and stop it, etc. The security rules we use on our machines are a mix between commercial ones from a security company and custom ones developed by our system administrators. As a result, we offer increased security for your web applications as we can protect them from attacks before security corporations release updates for completely new threats.

ModSecurity in Dedicated Servers

All of our dedicated servers that are installed with the Hepsia hosting CP feature ModSecurity, so any app which you upload or install shall be properly secured from the very beginning and you won't have to bother about common attacks or vulnerabilities. An independent section inside Hepsia will enable you to start or stop the firewall for each domain or subdomain, or activate a detection mode so that it records info about intrusions, but doesn't take actions to stop them. What you will discover in the logs can easily allow you to to secure your websites better - the IP address an attack originated from, what site was attacked and exactly how, what ModSecurity rule was triggered, and so forth. With this info, you'll be able to see whether a website needs an update, if you need to block IPs from accessing your web server, etcetera. Aside from the third-party commercial security rules for ModSecurity that we use, our administrators include custom ones too every time they come across a new threat that is not yet in the commercial bundle.