ModSecurity is a highly effective firewall for Apache web servers that's used to stop attacks toward web apps. It monitors the HTTP traffic to a specific Internet site in real time and prevents any intrusion attempts the moment it detects them. The firewall uses a set of rules to accomplish that - as an example, attempting to log in to a script administrator area without success several times activates one rule, sending a request to execute a particular file which could result in getting access to the site triggers another rule, and so on. ModSecurity is amongst the best firewalls available and it will preserve even scripts that aren't updated regularly because it can prevent attackers from using known exploits and security holes. Very detailed information about every single intrusion attempt is recorded and the logs the firewall keeps are much more comprehensive than the standard logs provided by the Apache server, so you may later analyze them and decide whether you need to take additional measures in order to enhance the protection of your script-driven sites.

ModSecurity in Shared Hosting

ModSecurity comes by default with all shared hosting solutions that we provide and it shall be switched on automatically for any domain or subdomain that you add/create within your Hepsia hosting Control Panel. The firewall has three different modes, so you'll be able to switch on and disable it with a mouse click or set it to detection mode, so it'll maintain a log of all attacks, but it will not do anything to stop them. The log for any of your sites will include comprehensive information including the nature of the attack, where it originated from, what action was taken by ModSecurity, and so forth. The firewall rules which we use are frequently updated and comprise of both commercial ones which we get from a third-party security firm and custom ones that our system admins add in case that they detect a new sort of attacks. This way, the sites that you host here shall be a lot more protected with no action needed on your end.

ModSecurity in Semi-dedicated Servers

ModSecurity is part of our semi-dedicated server plans and if you opt to host your Internet sites with our company, there will not be anything special you'll have to do since the firewall is activated by default for all domains and subdomains that you include through your hosting Control Panel. If necessary, you could disable ModSecurity for a certain website or enable the so-called detection mode in which case the firewall will still function and record info, but shall not do anything to stop potential attacks on your sites. Detailed logs will be available inside your CP and you'll be able to see what sort of attacks occurred, what security rules were triggered and how the firewall dealt with the threats, what Internet protocol addresses the attacks came from, etcetera. We use two kinds of rules on our servers - commercial ones from an organization that operates in the field of web security, and customized ones that our administrators sometimes add to respond to newly identified threats in a timely manner.

ModSecurity in Dedicated Servers

ModSecurity is provided with all dedicated servers which are set up with our Hepsia CP and you'll not need to do anything specific on your end to employ it because it's turned on by default every time you include a new domain or subdomain on your web server. In the event that it disrupts some of your applications, you shall be able to stop it via the respective section of Hepsia, or you could leave it working in passive mode, so it shall detect attacks and will still maintain a log for them, but won't stop them. You'll be able to examine the logs later to find out what you can do to boost the security of your Internet sites since you will find details such as where an intrusion attempt originated from, what Internet site was attacked and based on what rule ModSecurity reacted, etcetera. The rules that we use are commercial, thus they are constantly updated by a security provider, but to be on the safe side, our administrators also add custom rules from time to time in order to respond to any new threats they have found.