ModSecurity is a powerful firewall for Apache web servers which is used to stop attacks towards web apps. It tracks the HTTP traffic to a certain website in real time and blocks any intrusion attempts the instant it detects them. The firewall uses a set of rules to accomplish that - as an example, trying to log in to a script administration area without success several times sets off one rule, sending a request to execute a certain file which may result in getting access to the site triggers another rule, etc. ModSecurity is one of the best firewalls available on the market and it'll protect even scripts that are not updated regularly since it can prevent attackers from employing known exploits and security holes. Incredibly comprehensive info about each and every intrusion attempt is recorded and the logs the firewall keeps are far more detailed than the standard logs created by the Apache server, so you may later examine them and determine if you need to take more measures so as to improve the safety of your script-driven Internet sites.

ModSecurity in Website Hosting

We offer ModSecurity with all website hosting solutions, so your Internet applications shall be resistant to harmful attacks. The firewall is turned on by default for all domains and subdomains, but if you would like, you will be able to stop it via the respective part of your Hepsia CP. You could also activate a detection mode, so ModSecurity will keep a log as intended, but shall not take any action. The logs that you'll discover in Hepsia are incredibly detailed and include information about the nature of any attack, when it transpired and from what IP address, the firewall rule which was triggered, and so forth. We use a group of commercial rules which are often updated, but sometimes our admins include custom rules as well in order to better protect the websites hosted on our servers.

ModSecurity in Semi-dedicated Servers

All semi-dedicated server packages which we offer include ModSecurity and given that the firewall is enabled by default, any Internet site that you build under a domain or a subdomain shall be secured immediately. An individual section inside the Hepsia Control Panel that comes with the semi-dedicated accounts is dedicated to ModSecurity and it'll enable you to start and stop the firewall for any website or switch on a detection mode. With the latter, ModSecurity will not take any action, but it shall still identify possible attacks and will keep all information within a log as if it were completely active. The logs could be found inside the very same section of the Control Panel and they feature details about the IP where an attack originated from, what its nature was, what rule ModSecurity applies to identify and stop it, and so forth. The security rules that we use on our machines are a mix of commercial ones from a security company and custom ones developed by our system administrators. Consequently, we provide increased security for your web applications as we can protect them from attacks even before security corporations release updates for completely new threats.

ModSecurity in Dedicated Servers

ModSecurity is offered by default with all dedicated servers which are set up with the Hepsia CP and is set to “Active” automatically for any domain which you host or subdomain which you create on the hosting server. In case that a web app doesn't work correctly, you could either switch off the firewall or set it to function in passive mode. The latter means that ModSecurity shall keep a log of any potential attack which might occur, but will not take any action to stop it. The logs created in passive or active mode shall provide you with additional details about the exact file which was attacked, the nature of the attack and the IP it originated from, etcetera. This data will permit you to decide what steps you can take to enhance the safety of your sites, for instance blocking IPs or performing script and plugin updates. The ModSecurity rules we use are updated regularly with a commercial pack from a third-party security provider we work with, but oftentimes our administrators include their own rules too if they discover a new potential threat.