ModSecurity is a powerful firewall for Apache web servers that is used to stop attacks towards web apps. It monitors the HTTP traffic to a specific Internet site in real time and prevents any intrusion attempts the moment it discovers them. The firewall uses a set of rules to accomplish that - for example, trying to log in to a script administrator area unsuccessfully a few times activates one rule, sending a request to execute a particular file which could result in accessing the website triggers another rule, etc. ModSecurity is one of the best firewalls available and it will protect even scripts that aren't updated regularly because it can prevent attackers from using known exploits and security holes. Quite thorough info about every single intrusion attempt is recorded and the logs the firewall keeps are far more comprehensive than the conventional logs provided by the Apache server, so you may later examine them and determine whether you need to take additional measures in order to enhance the security of your script-driven Internet sites.

ModSecurity in Cloud Web Hosting

ModSecurity comes by default with all cloud web hosting plans which we offer and it will be turned on automatically for any domain or subdomain you add/create in your Hepsia hosting CP. The firewall has three different modes, so you'll be able to switch on and deactivate it with a click or set it to detection mode, so it will keep a log of all attacks, but it will not do anything to stop them. The log for each of your websites will feature in-depth information such as the nature of the attack, where it originated from, what action was taken by ModSecurity, and so on. The firewall rules we use are frequently updated and consist of both commercial ones we get from a third-party security business and custom ones our system admins add in case that they detect a new sort of attacks. In this way, the sites that you host here shall be way more protected without any action expected on your end.

ModSecurity in Semi-dedicated Servers

Any web app which you install inside your new semi-dedicated server account will be protected by ModSecurity since the firewall is provided with all our hosting plans and is switched on by default for any domain and subdomain that you add or create via your Hepsia hosting CP. You will be able to manage ModSecurity via a dedicated area inside Hepsia where not only could you activate or deactivate it entirely, but you can also activate a passive mode, so the firewall won't block anything, but it will still maintain an archive of potential attacks. This normally requires simply a click and you'll be able to look at the logs regardless of if ModSecurity is in passive or active mode through the same section - what the attack was and where it originated from, how it was handled, etcetera. The firewall uses two groups of rules on our web servers - a commercial one which we get from a third-party web security company and a custom one which our administrators update manually as to respond to recently discovered risks as soon as possible.

ModSecurity in Dedicated Servers

ModSecurity is included with all dedicated servers that are set up with our Hepsia Control Panel and you will not need to do anything specific on your end to use it as it is switched on by default each time you add a new domain or subdomain on your server. In case it interferes with some of your programs, you will be able to stop it through the respective part of Hepsia, or you could leave it in passive mode, so it shall detect attacks and shall still keep a log for them, but will not stop them. You'll be able to look at the logs later to find out what you can do to boost the security of your sites since you shall find information such as where an intrusion attempt came from, what Internet site was attacked and in accordance with what rule ModSecurity reacted, and so forth. The rules that we use are commercial, thus they're constantly updated by a security firm, but to be on the safe side, our administrators also add custom rules every now and then in order to react to any new threats they have discovered.