ModSecurity is a powerful firewall for Apache web servers that's used to prevent attacks against web applications. It keeps track of the HTTP traffic to a given Internet site in real time and prevents any intrusion attempts the instant it identifies them. The firewall uses a set of rules to do that - as an illustration, attempting to log in to a script administrator area without success many times triggers one rule, sending a request to execute a specific file that could result in getting access to the Internet site triggers another rule, etc. ModSecurity is one of the best firewalls around and it'll protect even scripts which are not updated on a regular basis since it can prevent attackers from using known exploits and security holes. Quite thorough info about each and every intrusion attempt is recorded and the logs the firewall keeps are much more specific than the regular logs generated by the Apache server, so you could later take a look at them and decide whether you need to take additional measures so as to enhance the security of your script-driven sites.

ModSecurity in Cloud Hosting

ModSecurity can be found with every single cloud hosting solution that we offer and it's turned on by default for every domain or subdomain that you include via your Hepsia CP. In case it interferes with any of your applications or you'd like to disable it for any reason, you shall be able to do this through the ModSecurity area of Hepsia with simply a mouse click. You could also enable a passive mode, so the firewall will detect possible attacks and keep a log, but won't take any action. You could see comprehensive logs in the exact same section, including the IP where the attack came from, exactly what the attacker attempted to do and at what time, what ModSecurity did, and so forth. For maximum protection of our clients we use a set of commercial firewall rules blended with custom ones which are provided by our system administrators.

ModSecurity in Semi-dedicated Hosting

ModSecurity is a part of our semi-dedicated hosting plans and if you decide to host your Internet sites with our company, there will not be anything special you'll need to do since the firewall is activated by default for all domains and subdomains that you add using your hosting CP. If needed, you could disable ModSecurity for a particular website or activate the so-called detection mode in which case the firewall shall still operate and record information, but shall not do anything to stop possible attacks on your websites. Comprehensive logs will be available within your CP and you will be able to see what type of attacks occurred, what security rules were triggered and how the firewall handled the threats, what Internet protocol addresses the attacks originated from, etcetera. We employ two sorts of rules on our servers - commercial ones from a company that operates in the field of web security, and customized ones which our administrators often include to respond to newly discovered threats promptly.

ModSecurity in Dedicated Web Hosting

All our dedicated servers which are installed with the Hepsia hosting CP come with ModSecurity, so any app that you upload or set up will be secured from the very beginning and you'll not have to worry about common attacks or vulnerabilities. A separate section in Hepsia will allow you to start or stop the firewall for any domain or subdomain, or activate a detection mode so that it records information about intrusions, but doesn't take actions to prevent them. What you will discover in the logs can help you to secure your sites better - the IP an attack came from, what website was attacked as well as how, what ModSecurity rule was triggered, and so forth. With this info, you'll be able to see if a website needs an update, whether you should block IPs from accessing your web server, and so on. On top of the third-party commercial security rules for ModSecurity that we use, our administrators include custom ones too every time they find a new threat that's not yet a part of the commercial bundle.