ModSecurity is a highly effective web app layer firewall for Apache web servers. It monitors the entire HTTP traffic to an Internet site without affecting its operation and if it detects an intrusion attempt, it blocks it. The firewall furthermore keeps a more thorough log for the site visitors than any web server does, so you'll manage to keep an eye on what's happening with your Internet sites much better than if you rely only on standard logs. ModSecurity works with security rules based on which it prevents attacks. For example, it detects if someone is trying to log in to the admin area of a certain script a number of times or if a request is sent to execute a file with a certain command. In these circumstances these attempts set off the corresponding rules and the firewall hinders the attempts right away, then records detailed details about them within its logs. ModSecurity is amongst the best software firewalls available and it can protect your web apps against a large number of threats and vulnerabilities, particularly in case you don’t update them or their plugins regularly.

ModSecurity in Semi-dedicated Hosting

All semi-dedicated hosting packages which we offer come with ModSecurity and because the firewall is switched on by default, any Internet site which you create under a domain or a subdomain shall be secured immediately. An independent section within the Hepsia CP which comes with the semi-dedicated accounts is devoted to ModSecurity and it shall allow you to stop and start the firewall for any Internet site or activate a detection mode. With the latter, ModSecurity will not take any action, but it'll still identify possible attacks and shall keep all information inside a log as if it were 100% active. The logs could be found inside the same section of the CP and they include specifics about the IP where an attack came from, what its nature was, what rule ModSecurity applies to recognize and stop it, and so forth. The security rules we use on our machines are a mix of commercial ones from a security company and custom ones created by our system administrators. As a result, we offer higher security for your web programs as we can protect them from attacks before security firms release updates for new threats.

ModSecurity in Dedicated Hosting

ModSecurity is provided with all dedicated servers which are integrated with our Hepsia Control Panel and you will not have to do anything specific on your end to use it because it is enabled by default each time you include a new domain or subdomain on your server. If it disrupts any of your applications, you shall be able to stop it via the respective part of Hepsia, or you may leave it working in passive mode, so it shall identify attacks and will still maintain a log for them, but will not prevent them. You can examine the logs later to find out what you can do to increase the security of your sites as you will find info such as where an intrusion attempt originated from, what site was attacked and based on what rule ModSecurity responded, and so on. The rules that we employ are commercial, thus they are frequently updated by a security provider, but to be on the safe side, our admins also add custom rules occasionally in order to deal with any new threats they have identified.