ModSecurity is an effective firewall for Apache web servers that's used to stop attacks toward web applications. It tracks the HTTP traffic to a given Internet site in real time and stops any intrusion attempts as soon as it detects them. The firewall relies on a set of rules to do this - for example, trying to log in to a script administration area without success several times activates one rule, sending a request to execute a particular file that could result in gaining access to the site triggers a different rule, etc. ModSecurity is amongst the best firewalls on the market and it will secure even scripts that are not updated regularly since it can prevent attackers from employing known exploits and security holes. Quite comprehensive information about each and every intrusion attempt is recorded and the logs the firewall maintains are much more detailed than the standard logs generated by the Apache server, so you could later analyze them and determine if you need to take more measures in order to improve the protection of your script-driven sites.

ModSecurity in Cloud Hosting

ModSecurity can be found with every cloud hosting plan which we offer and it's activated by default for every domain or subdomain which you add through your Hepsia Control Panel. If it interferes with any of your apps or you'd like to disable it for some reason, you'll be able to do that through the ModSecurity section of Hepsia with merely a mouse click. You can also enable a passive mode, so the firewall will identify possible attacks and maintain a log, but shall not take any action. You can see comprehensive logs in the same section, including the IP where the attack originated from, what precisely the attacker aimed to do and at what time, what ModSecurity did, and so on. For max safety of our clients we use a collection of commercial firewall rules mixed with custom ones that are provided by our system administrators.

ModSecurity in Semi-dedicated Servers

We've integrated ModSecurity as a standard inside all semi-dedicated server packages, so your web applications shall be protected as soon as you set them up under any domain or subdomain. The Hepsia CP that comes with the semi-dedicated accounts shall allow you to enable or turn off the firewall for any site with a mouse click. You will also be able to activate a passive detection mode in which ModSecurity shall keep a log of potential attacks without actually stopping them. The detailed logs contain the nature of the attack and what ModSecurity response that attack activated, where it came from, etc. The list of rules which we employ is regularly updated in order to match any new threats which might appear on the Internet and it comes with both commercial rules that we get from a security corporation and custom-written ones that our admins add if they find a threat which is not present inside the commercial list yet.

ModSecurity in Dedicated Servers

ModSecurity is included with all dedicated servers which are integrated with our Hepsia Control Panel and you won't need to do anything specific on your end to employ it as it is enabled by default each time you include a new domain or subdomain on your web server. In the event that it interferes with any of your programs, you'll be able to stop it through the respective area of Hepsia, or you may leave it working in passive mode, so it'll identify attacks and shall still keep a log for them, but won't stop them. You may examine the logs later to find out what you can do to boost the safety of your sites as you'll find details such as where an intrusion attempt came from, what site was attacked and based upon what rule ModSecurity responded, etcetera. The rules that we employ are commercial, thus they're regularly updated by a security company, but to be on the safe side, our staff also add custom rules from time to time as to react to any new threats they have found.