ModSecurity is a highly effective web application layer firewall for Apache web servers. It monitors the entire HTTP traffic to an Internet site without affecting its operation and if it identifies an intrusion attempt, it blocks it. The firewall furthermore keeps a more comprehensive log for the traffic than any web server does, so you will be able to monitor what's happening with your websites a lot better than if you rely simply on conventional logs. ModSecurity uses security rules based on which it helps prevent attacks. For example, it identifies whether someone is attempting to log in to the administrator area of a specific script multiple times or if a request is sent to execute a file with a certain command. In such situations these attempts trigger the corresponding rules and the firewall blocks the attempts immediately, and then records detailed info about them inside its logs. ModSecurity is among the most effective software firewalls out there and it could easily protect your web apps against a huge number of threats and vulnerabilities, especially in case you don’t update them or their plugins regularly.

ModSecurity in Website Hosting

ModSecurity is offered with each and every website hosting package which we provide and it's activated by default for any domain or subdomain which you add through your Hepsia CP. If it disrupts any of your applications or you would like to disable it for any reason, you will be able to accomplish that through the ModSecurity section of Hepsia with only a click. You can also use a passive mode, so the firewall will identify possible attacks and keep a log, but will not take any action. You'll be able to view comprehensive logs in the same section, including the IP where the attack originated from, what exactly the attacker attempted to do and at what time, what ModSecurity did, and so forth. For max safety of our customers we use a group of commercial firewall rules blended with custom ones that are provided by our system administrators.