ModSecurity is a highly effective web application layer firewall for Apache web servers. It monitors the whole HTTP traffic to an Internet site without affecting its overall performance and if it identifies an intrusion attempt, it prevents it. The firewall also maintains a more detailed log for the site visitors than any server does, so you'll be able to keep track of what is happening with your websites much better than if you rely merely on conventional logs. ModSecurity works with security rules based on which it prevents attacks. For example, it detects if somebody is trying to log in to the administration area of a specific script multiple times or if a request is sent to execute a file with a specific command. In these cases these attempts trigger the corresponding rules and the firewall software hinders the attempts right away, after that records comprehensive details about them inside its logs. ModSecurity is one of the best software firewalls out there and it can easily protect your web apps against a large number of threats and vulnerabilities, especially in case you don’t update them or their plugins frequently.

ModSecurity in Cloud Hosting

ModSecurity can be found with every single cloud hosting package that we offer and it's switched on by default for any domain or subdomain which you add through your Hepsia Control Panel. In case it disrupts any of your applications or you'd like to disable it for whatever reason, you shall be able to achieve that through the ModSecurity area of Hepsia with only a click. You could also activate a passive mode, so the firewall will detect potential attacks and keep a log, but won't take any action. You could see extensive logs in the exact same section, including the IP address where the attack originated from, what exactly the attacker attempted to do and at what time, what ModSecurity did, and so on. For maximum security of our customers we use a set of commercial firewall rules combined with custom ones that are included by our system administrators.

ModSecurity in Dedicated Servers

If you choose to host your websites on a dedicated server with the Hepsia Control Panel, your web programs shall be secured right from the start since ModSecurity is supplied with all Hepsia-based plans. You'll be able to manage the firewall with ease and if necessary, you will be able to turn it off or activate its passive mode when it shall only keep a log of what is taking place without taking any action to prevent possible attacks. The logs that you can find inside the exact same section of the Control Panel are very detailed and contain details about the attacker IP, what site and file were attacked and in what ways, what rule the firewall employed to prevent the intrusion, and so forth. This info shall allow you to take measures and increase the protection of your websites even more. To be on the safe side, we use not only commercial rules, but also custom-made ones which our staff add every time they detect attacks that have not yet been included in the commercial pack.