ModSecurity is an effective firewall for Apache web servers which is employed to stop attacks against web applications. It keeps track of the HTTP traffic to a specific site in real time and stops any intrusion attempts the instant it discovers them. The firewall uses a set of rules to do this - as an example, trying to log in to a script admin area without success several times triggers one rule, sending a request to execute a certain file that could result in gaining access to the website triggers another rule, etc. ModSecurity is amongst the best firewalls out there and it will preserve even scripts that aren't updated often since it can prevent attackers from using known exploits and security holes. Quite detailed data about each and every intrusion attempt is recorded and the logs the firewall maintains are considerably more comprehensive than the regular logs provided by the Apache server, so you may later examine them and determine if you need to take more measures so as to boost the protection of your script-driven Internet sites.

ModSecurity in Cloud Web Hosting

ModSecurity is supplied with all cloud web hosting machines, so if you decide to host your sites with our firm, they'll be resistant to a wide range of attacks. The firewall is enabled by default for all domains and subdomains, so there will be nothing you shall need to do on your end. You'll be able to stop ModSecurity for any website if needed, or to switch on a detection mode, so that all activity will be recorded, but the firewall will not take any real action. You shall be able to view specific logs via your Hepsia Control Panel including the IP address where the attack came from, what the attacker wished to do and how ModSecurity dealt with the threat. As we take the protection of our clients' websites seriously, we employ a group of commercial rules that we take from one of the leading companies that maintain this sort of rules. Our administrators also add custom rules to ensure that your Internet sites will be resistant to as many risks as possible.

ModSecurity in Semi-dedicated Hosting

ModSecurity is a part of our semi-dedicated hosting solutions and if you choose to host your Internet sites with our company, there will not be anything special you'll have to do given that the firewall is turned on by default for all domains and subdomains you include using your hosting Control Panel. If required, you'll be able to disable ModSecurity for a certain Internet site or switch on the so-called detection mode in which case the firewall shall still operate and record info, but shall not do anything to prevent possible attacks on your sites. Detailed logs will be readily available inside your CP and you will be able to see what type of attacks took place, what security rules were triggered and how the firewall handled the threats, what IP addresses the attacks came from, etcetera. We use two kinds of rules on our servers - commercial ones from a business that operates in the field of web security, and custom ones which our admins occasionally include to respond to newly identified threats promptly.

ModSecurity in VPS

ModSecurity is provided with all Hepsia-based virtual private servers which we offer and it will be turned on automatically for every new domain or subdomain you include on the hosting server. In this way, any web app which you install will be protected right away without doing anything by hand on your end. The firewall may be managed from the section of the CP that has the same name. This is the area in whichyou could switch off ModSecurity or enable its passive mode, so it won't take any action toward threats, but shall still maintain a comprehensive log. The recorded information is available in the same section as well and you will be able to see what IPs any attacks originated from to enable you to stop them, what the nature of the attempted attacks was and based upon what security rules ModSecurity reacted. The rules that we employ on our servers are a mix between commercial ones which we obtain from a security company and custom ones which are included by our staff to maximize the protection of any web applications hosted on our end.

ModSecurity in Dedicated Hosting

ModSecurity is available as standard with all dedicated servers that are set up with the Hepsia CP and is set to “Active” automatically for any domain that you host or subdomain that you create on the server. In case that a web app doesn't function correctly, you could either disable the firewall or set it to work in passive mode. The second means that ModSecurity will maintain a log of any possible attack that could occur, but won't take any action to stop it. The logs generated in passive or active mode will provide you with more details about the exact file which was attacked, the type of the attack and the IP it came from, etc. This data will enable you to determine what actions you can take to boost the security of your websites, such as blocking IPs or carrying out script and plugin updates. The ModSecurity rules that we employ are updated often with a commercial pack from a third-party security enterprise we work with, but oftentimes our staff add their own rules as well if they discover a new potential threat.