ModSecurity is a powerful firewall for Apache web servers which is employed to prevent attacks against web applications. It tracks the HTTP traffic to a certain Internet site in real time and blocks any intrusion attempts as soon as it detects them. The firewall relies on a set of rules to do that - as an example, attempting to log in to a script administrator area without success many times sets off one rule, sending a request to execute a specific file that may result in gaining access to the site triggers another rule, and so forth. ModSecurity is amongst the best firewalls out there and it'll secure even scripts which aren't updated regularly since it can prevent attackers from using known exploits and security holes. Very thorough data about every single intrusion attempt is recorded and the logs the firewall keeps are far more specific than the conventional logs created by the Apache server, so you could later examine them and decide if you need to take additional measures so as to increase the protection of your script-driven sites.

ModSecurity in Hosting

We provide ModSecurity with all hosting plans, so your Internet apps shall be protected against harmful attacks. The firewall is activated by default for all domains and subdomains, but in case you'd like, you will be able to stop it using the respective area of your Hepsia CP. You'll be able to also switch on a detection mode, so ModSecurity shall keep a log as intended, but shall not take any action. The logs which you shall discover within Hepsia are incredibly detailed and offer info about the nature of any attack, when it took place and from what IP, the firewall rule which was triggered, etcetera. We use a set of commercial rules which are constantly updated, but sometimes our administrators include custom rules as well in order to efficiently protect the Internet sites hosted on our servers.

ModSecurity in Semi-dedicated Servers

ModSecurity is part of our semi-dedicated server solutions and if you decide to host your sites with our company, there shall not be anything special you will have to do given that the firewall is switched on by default for all domains and subdomains which you add via your hosting CP. If needed, you'll be able to disable ModSecurity for a given Internet site or activate the so-called detection mode in which case the firewall shall still work and record info, but shall not do anything to prevent potential attacks on your Internet sites. In depth logs will be accessible within your Control Panel and you'll be able to see what sort of attacks occurred, what security rules were triggered and how the firewall dealt with the threats, what Internet protocol addresses the attacks came from, and so on. We use 2 kinds of rules on our servers - commercial ones from a business that operates in the field of web security, and custom ones which our admins often add to respond to newly found risks in a timely manner.

ModSecurity in Dedicated Servers

All of our dedicated servers that are set up with the Hepsia hosting Control Panel include ModSecurity, so any app which you upload or set up will be properly secured from the very beginning and you won't need to worry about common attacks or vulnerabilities. A separate section within Hepsia will permit you to start or stop the firewall for any domain or subdomain, or activate a detection mode so that it records information regarding intrusions, but doesn't take actions to stop them. What you'll see in the logs can allow you to to secure your Internet sites better - the IP address an attack originated from, what site was attacked and in what way, what ModSecurity rule was triggered, and so forth. With this info, you could see whether an Internet site needs an update, whether you ought to block IPs from accessing your web server, etcetera. Besides the third-party commercial security rules for ModSecurity we use, our administrators include custom ones as well if they discover a new threat that is not yet included in the commercial bundle.