ModSecurity is a highly effective firewall for Apache web servers that's employed to stop attacks toward web apps. It tracks the HTTP traffic to a particular Internet site in real time and blocks any intrusion attempts the instant it discovers them. The firewall relies on a set of rules to do that - for instance, trying to log in to a script administrator area unsuccessfully many times sets off one rule, sending a request to execute a particular file that could result in getting access to the website triggers another rule, etcetera. ModSecurity is among the best firewalls available and it'll preserve even scripts which aren't updated on a regular basis since it can prevent attackers from using known exploits and security holes. Quite detailed information about each and every intrusion attempt is recorded and the logs the firewall maintains are much more detailed than the conventional logs provided by the Apache server, so you may later examine them and decide whether you need to take more measures in order to enhance the safety of your script-driven sites.

ModSecurity in Cloud Web Hosting

ModSecurity comes by default with all cloud web hosting solutions that we offer and it shall be turned on automatically for any domain or subdomain which you add/create in your Hepsia hosting CP. The firewall has 3 different modes, so you'll be able to activate and deactivate it with just a click or set it to detection mode, so it will maintain a log of all attacks, but it'll not do anything to prevent them. The log for each of your Internet sites shall include in-depth information which includes the nature of the attack, where it originated from, what action was taken by ModSecurity, and so forth. The firewall rules that we use are constantly updated and comprise of both commercial ones we get from a third-party security company and custom ones which our system administrators include in the event that they detect a new kind of attacks. In this way, the Internet sites that you host here will be far more protected without any action expected on your end.

ModSecurity in Semi-dedicated Hosting

We have integrated ModSecurity as a standard inside all semi-dedicated hosting products, so your web applications will be protected the instant you set them up under any domain or subdomain. The Hepsia CP that is included with the semi-dedicated accounts will permit you to activate or disable the firewall for any site with a mouse click. You'll also have the ability to turn on a passive detection mode through which ModSecurity will keep a log of possible attacks without really preventing them. The thorough logs include the nature of the attack and what ModSecurity response that attack initiated, where it came from, and so on. The list of rules we employ is constantly updated in order to match any new threats that might appear on the Internet and it comes with both commercial rules that we get from a security company and custom-written ones that our administrators include if they discover a threat which is not present within the commercial list yet.

ModSecurity in Dedicated Web Hosting

ModSecurity is available by default with all dedicated servers which are set up with the Hepsia Control Panel and is set to “Active” automatically for any domain you host or subdomain that you create on the web server. In the event that a web application does not work adequately, you could either switch off the firewall or set it to work in passive mode. The latter means that ModSecurity shall keep a log of any possible attack that could happen, but won't take any action to prevent it. The logs generated in passive or active mode will present you with more details about the exact file which was attacked, the form of the attack and the IP address it came from, and so on. This info will permit you to determine what measures you can take to improve the protection of your sites, such as blocking IPs or carrying out script and plugin updates. The ModSecurity rules which we use are updated regularly with a commercial bundle from a third-party security enterprise we work with, but oftentimes our administrators add their own rules as well in the event that they come across a new potential threat.