ModSecurity is a powerful web application layer firewall for Apache web servers. It monitors the whole HTTP traffic to a site without affecting its functionality and if it identifies an intrusion attempt, it prevents it. The firewall additionally maintains a more detailed log for the traffic than any server does, so you'll be able to monitor what's going on with your websites a lot better than if you rely simply on standard logs. ModSecurity uses security rules based on which it helps prevent attacks. For example, it detects whether anyone is trying to log in to the administrator area of a given script several times or if a request is sent to execute a file with a certain command. In these situations these attempts trigger the corresponding rules and the software blocks the attempts right away, then records detailed details about them inside its logs. ModSecurity is among the most effective software firewalls on the market and it could easily protect your web applications against thousands of threats and vulnerabilities, especially in case you don’t update them or their plugins frequently.

ModSecurity in Web Hosting

ModSecurity is supplied with all web hosting machines, so when you opt to host your Internet sites with our business, they will be protected against a wide range of attacks. The firewall is turned on as standard for all domains and subdomains, so there shall be nothing you shall have to do on your end. You will be able to stop ModSecurity for any website if required, or to activate a detection mode, so all activity will be recorded, but the firewall shall not take any real action. You will be able to view detailed logs from your Hepsia CP including the IP address where the attack came from, what the attacker wanted to do and how ModSecurity addressed the threat. As we take the safety of our customers' websites very seriously, we use a set of commercial rules which we get from one of the leading companies which maintain this type of rules. Our admins also add custom rules to make certain that your Internet sites will be resistant to as many risks as possible.

ModSecurity in Semi-dedicated Hosting

ModSecurity is a part of our semi-dedicated hosting packages and if you decide to host your websites with our company, there will not be anything special you'll need to do as the firewall is activated by default for all domains and subdomains that you include using your hosting CP. If needed, you'll be able to disable ModSecurity for a certain Internet site or enable the so-called detection mode in which case the firewall will still function and record data, but will not do anything to stop possible attacks on your websites. Thorough logs shall be accessible within your Control Panel and you'll be able to see what type of attacks occurred, what security rules were triggered and how the firewall handled the threats, what Internet protocol addresses the attacks came from, and so on. We use two kinds of rules on our servers - commercial ones from a firm that operates in the field of web security, and custom made ones that our admins occasionally include to respond to newly discovered threats on time.