ModSecurity is a highly effective web application layer firewall for Apache web servers. It monitors the whole HTTP traffic to a website without affecting its overall performance and in case it identifies an intrusion attempt, it prevents it. The firewall also keeps a more comprehensive log for the website visitors than any server does, so you shall manage to keep an eye on what is happening with your websites a lot better than if you rely simply on standard logs. ModSecurity employs security rules based on which it prevents attacks. For example, it identifies if anyone is attempting to log in to the admin area of a particular script several times or if a request is sent to execute a file with a specific command. In such circumstances these attempts trigger the corresponding rules and the firewall software blocks the attempts instantly, and then records in-depth info about them within its logs. ModSecurity is one of the very best software firewalls available and it can easily protect your web apps against thousands of threats and vulnerabilities, especially in case you don’t update them or their plugins regularly.

ModSecurity in Shared Web Hosting

ModSecurity comes standard with all shared web hosting packages that we provide and it'll be turned on automatically for any domain or subdomain that you add/create in your Hepsia hosting CP. The firewall has 3 different modes, so you can activate and deactivate it with a mouse click or set it to detection mode, so it will maintain a log of all attacks, but it'll not do anything to stop them. The log for any of your websites shall feature detailed information including the nature of the attack, where it originated from, what action was taken by ModSecurity, and so forth. The firewall rules which we use are constantly updated and incorporate both commercial ones which we get from a third-party security firm and custom ones which our system admins add in the event that they detect a new kind of attacks. In this way, the websites you host here shall be a lot more secure with no action required on your end.

ModSecurity in Semi-dedicated Servers

Any web program which you set up within your new semi-dedicated server account shall be protected by ModSecurity because the firewall is provided with all our hosting solutions and is activated by default for any domain and subdomain that you include or create using your Hepsia hosting CP. You will be able to manage ModSecurity via a dedicated area inside Hepsia where not only could you activate or deactivate it fully, but you may also activate a passive mode, so the firewall won't block anything, but it will still keep a record of possible attacks. This takes simply a mouse click and you will be able to see the logs regardless if ModSecurity is in passive or active mode through the same section - what the attack was and where it originated from, how it was taken care of, and so forth. The firewall employs 2 groups of rules on our servers - a commercial one which we get from a third-party web security firm and a custom one which our admins update personally as to respond to newly discovered risks immediately.