ModSecurity is an efficient firewall for Apache web servers that's used to stop attacks toward web apps. It monitors the HTTP traffic to a particular site in real time and prevents any intrusion attempts the instant it discovers them. The firewall uses a set of rules to accomplish that - for example, trying to log in to a script admin area unsuccessfully several times activates one rule, sending a request to execute a certain file which may result in accessing the website triggers a different rule, etc. ModSecurity is amongst the best firewalls on the market and it'll secure even scripts which aren't updated regularly because it can prevent attackers from employing known exploits and security holes. Very thorough info about every intrusion attempt is recorded and the logs the firewall maintains are far more specific than the conventional logs provided by the Apache server, so you can later take a look at them and determine if you need to take additional measures in order to increase the protection of your script-driven sites.

ModSecurity in Cloud Hosting

ModSecurity is offered with every cloud hosting plan which we offer and it is activated by default for every domain or subdomain which you add through your Hepsia CP. In case it interferes with any of your programs or you'd like to disable it for any reason, you'll be able to accomplish that through the ModSecurity section of Hepsia with only a click. You may also enable a passive mode, so the firewall will identify potential attacks and maintain a log, but will not take any action. You could view extensive logs in the same section, including the IP where the attack originated from, what precisely the attacker tried to do and at what time, what ModSecurity did, and so on. For optimum security of our clients we use a group of commercial firewall rules combined with custom ones which are added by our system administrators.

ModSecurity in Semi-dedicated Servers

Any web app that you install within your new semi-dedicated server account shall be protected by ModSecurity because the firewall is provided with all our hosting solutions and is activated by default for any domain and subdomain that you include or create via your Hepsia hosting Control Panel. You shall be able to manage ModSecurity through a dedicated area within Hepsia where not simply can you activate or deactivate it completely, but you could also switch on a passive mode, so the firewall won't stop anything, but it shall still maintain an archive of possible attacks. This takes only a click and you'll be able to look at the logs no matter if ModSecurity is in active or passive mode through the same section - what the attack was and where it originated from, how it was taken care of, etcetera. The firewall uses 2 sets of rules on our web servers - a commercial one that we get from a third-party web security company and a custom one that our administrators update manually in order to respond to newly discovered threats as soon as possible.

ModSecurity in Dedicated Servers

ModSecurity comes with all dedicated servers that are set up with our Hepsia CP and you will not need to do anything specific on your end to use it since it's activated by default whenever you include a new domain or subdomain on your web server. In case it disrupts some of your applications, you shall be able to stop it through the respective part of Hepsia, or you may leave it operating in passive mode, so it shall detect attacks and will still keep a log for them, but won't block them. You could analyze the logs later to find out what you can do to enhance the safety of your Internet sites as you'll find info such as where an intrusion attempt originated from, what website was attacked and based upon what rule ModSecurity responded, and so forth. The rules which we use are commercial, thus they're constantly updated by a security firm, but to be on the safe side, our admins also add custom rules once in a while as to respond to any new threats they have identified.