ModSecurity is a powerful firewall for Apache web servers which is used to stop attacks towards web apps. It tracks the HTTP traffic to a certain site in real time and prevents any intrusion attempts the instant it identifies them. The firewall uses a set of rules to accomplish that - for example, trying to log in to a script administration area without success a few times sets off one rule, sending a request to execute a particular file which could result in getting access to the site triggers another rule, etc. ModSecurity is among the best firewalls on the market and it will secure even scripts that aren't updated on a regular basis because it can prevent attackers from using known exploits and security holes. Quite detailed info about every single intrusion attempt is recorded and the logs the firewall keeps are considerably more detailed than the standard logs generated by the Apache server, so you can later examine them and decide whether you need to take additional measures so as to increase the safety of your script-driven Internet sites.

ModSecurity in Web Hosting

ModSecurity is available with each and every web hosting package which we offer and it's activated by default for every domain or subdomain that you add through your Hepsia Control Panel. In the event that it disrupts any of your programs or you'd like to disable it for any reason, you'll be able to achieve that through the ModSecurity area of Hepsia with merely a click. You can also use a passive mode, so the firewall will discover possible attacks and keep a log, but will not take any action. You can view detailed logs in the same section, including the IP address where the attack came from, what precisely the attacker attempted to do and at what time, what ModSecurity did, etc. For optimum safety of our customers we use a collection of commercial firewall rules combined with custom ones that are provided by our system administrators.

ModSecurity in Semi-dedicated Servers

We've included ModSecurity by default within all semi-dedicated server plans, so your web applications shall be protected the instant you install them under any domain or subdomain. The Hepsia CP that is included with the semi-dedicated accounts shall permit you to enable or disable the firewall for any Internet site with a click. You shall also have the ability to turn on a passive detection mode with which ModSecurity will keep a log of potential attacks without actually stopping them. The comprehensive logs contain the nature of the attack and what ModSecurity response this attack activated, where it came from, etc. The list of rules which we use is frequently updated as to match any new risks that might appear on the Internet and it comes with both commercial rules that we get from a security company and custom-written ones which our administrators include if they discover a threat that's not present in the commercial list yet.

ModSecurity in Dedicated Servers

All our dedicated servers that are set up with the Hepsia hosting Control Panel feature ModSecurity, so any app which you upload or install shall be protected from the very beginning and you will not need to stress about common attacks or vulnerabilities. An independent section within Hepsia will permit you to start or stop the firewall for any domain or subdomain, or activate a detection mode so that it records info about intrusions, but does not take actions to prevent them. What you shall find in the logs can easily allow you to to secure your Internet sites better - the IP address an attack originated from, what site was attacked and in what way, what ModSecurity rule was triggered, and so forth. With this data, you can see whether an Internet site needs an update, whether you should block IPs from accessing your server, etcetera. Aside from the third-party commercial security rules for ModSecurity we use, our admins include custom ones too if they find a new threat that is not yet a part of the commercial bundle.