ModSecurity is a highly effective firewall for Apache web servers that's employed to prevent attacks against web applications. It monitors the HTTP traffic to a specific site in real time and prevents any intrusion attempts as soon as it detects them. The firewall relies on a set of rules to accomplish that - as an example, trying to log in to a script administrator area without success a few times sets off one rule, sending a request to execute a particular file which may result in accessing the site triggers a different rule, etc. ModSecurity is one of the best firewalls available on the market and it'll protect even scripts that aren't updated frequently because it can prevent attackers from using known exploits and security holes. Quite thorough information about every single intrusion attempt is recorded and the logs the firewall maintains are far more specific than the regular logs provided by the Apache server, so you could later take a look at them and decide whether you need to take additional measures in order to increase the security of your script-driven Internet sites.

ModSecurity in Cloud Web Hosting

ModSecurity is offered with each cloud web hosting solution that we provide and it's switched on by default for any domain or subdomain which you include through your Hepsia Control Panel. In the event that it interferes with any of your programs or you would like to disable it for whatever reason, you shall be able to do that through the ModSecurity section of Hepsia with only a click. You may also enable a passive mode, so the firewall will identify possible attacks and keep a log, but will not take any action. You can view detailed logs in the exact same section, including the IP address where the attack originated from, what exactly the attacker aimed to do and at what time, what ModSecurity did, etcetera. For maximum safety of our clients we use a set of commercial firewall rules blended with custom ones that are provided by our system admins.

ModSecurity in Semi-dedicated Servers

All semi-dedicated server solutions which we offer feature ModSecurity and since the firewall is turned on by default, any Internet site that you set up under a domain or a subdomain shall be secured right away. An independent section inside the Hepsia CP which comes with the semi-dedicated accounts is devoted to ModSecurity and it will allow you to stop and start the firewall for any site or switch on a detection mode. With the last option, ModSecurity shall not take any action, but it shall still identify possible attacks and will keep all info in a log as if it were completely active. The logs can be found inside the very same section of the Control Panel and they include information regarding the IP where an attack originated from, what its nature was, what rule ModSecurity applies to recognize and stop it, etcetera. The security rules that we use on our machines are a mix of commercial ones from a security business and custom ones made by our system admins. For that reason, we provide increased security for your web programs as we can defend them from attacks before security firms release updates for brand new threats.

ModSecurity in Dedicated Servers

ModSecurity comes with all dedicated servers which are integrated with our Hepsia CP and you will not need to do anything specific on your end to use it because it is enabled by default whenever you add a new domain or subdomain on your hosting server. In the event that it disrupts any of your apps, you shall be able to stop it through the respective part of Hepsia, or you can leave it in passive mode, so it shall detect attacks and shall still keep a log for them, but will not block them. You could analyze the logs later to find out what you can do to enhance the safety of your websites since you'll find details such as where an intrusion attempt originated from, what site was attacked and in accordance with what rule ModSecurity responded, and so on. The rules we use are commercial, thus they are frequently updated by a security provider, but to be on the safe side, our administrators also include custom rules occasionally in order to respond to any new threats they have found.