ModSecurity is a powerful firewall for Apache web servers which is used to prevent attacks against web applications. It tracks the HTTP traffic to a particular site in real time and prevents any intrusion attempts as soon as it discovers them. The firewall relies on a set of rules to accomplish that - for instance, attempting to log in to a script admin area unsuccessfully many times triggers one rule, sending a request to execute a specific file which may result in getting access to the website triggers a different rule, and so forth. ModSecurity is amongst the best firewalls around and it will secure even scripts which are not updated on a regular basis as it can prevent attackers from using known exploits and security holes. Quite thorough information about each and every intrusion attempt is recorded and the logs the firewall maintains are far more specific than the regular logs provided by the Apache server, so you can later take a look at them and determine whether you need to take extra measures so as to increase the protection of your script-driven sites.

ModSecurity in Cloud Hosting

ModSecurity is offered with each and every cloud hosting package which we provide and it's activated by default for any domain or subdomain that you add via your Hepsia Control Panel. If it interferes with any of your programs or you'd like to disable it for any reason, you'll be able to accomplish that through the ModSecurity area of Hepsia with just a click. You could also activate a passive mode, so the firewall will detect potential attacks and maintain a log, but won't take any action. You can view comprehensive logs in the same section, including the IP where the attack came from, what precisely the attacker tried to do and at what time, what ModSecurity did, etc. For max security of our customers we use a collection of commercial firewall rules combined with custom ones which are provided by our system administrators.

ModSecurity in Semi-dedicated Hosting

We've integrated ModSecurity as a standard within all semi-dedicated hosting plans, so your web applications shall be protected as soon as you install them under any domain or subdomain. The Hepsia CP that comes with the semi-dedicated accounts will allow you to enable or turn off the firewall for any site with a click. You will also be able to switch on a passive detection mode in which ModSecurity will keep a log of potential attacks without really stopping them. The detailed logs contain the nature of the attack and what ModSecurity response this attack caused, where it came from, etcetera. The list of rules which we employ is regularly updated as to match any new threats which might appear on the Internet and it includes both commercial rules that we get from a security company and custom-written ones which our administrators add in the event that they find a threat which is not present in the commercial list yet.

ModSecurity in Dedicated Web Hosting

ModSecurity is provided with all dedicated servers which are integrated with our Hepsia Control Panel and you won't need to do anything specific on your end to use it because it's turned on by default each time you add a new domain or subdomain on your server. If it interferes with any of your applications, you will be able to stop it through the respective section of Hepsia, or you could leave it in passive mode, so it will recognize attacks and shall still maintain a log for them, but shall not block them. You can look at the logs later to find out what you can do to enhance the safety of your sites since you shall find info such as where an intrusion attempt came from, what Internet site was attacked and based on what rule ModSecurity reacted, etcetera. The rules that we use are commercial, thus they are regularly updated by a security firm, but to be on the safe side, our staff also include custom rules occasionally in order to deal with any new threats they have identified.