ModSecurity is a highly effective firewall for Apache web servers that is used to prevent attacks toward web apps. It keeps track of the HTTP traffic to a given website in real time and blocks any intrusion attempts as soon as it discovers them. The firewall relies on a set of rules to accomplish that - as an illustration, attempting to log in to a script administrator area without success many times triggers one rule, sending a request to execute a particular file that may result in accessing the site triggers another rule, and so forth. ModSecurity is among the best firewalls on the market and it'll protect even scripts which are not updated on a regular basis because it can prevent attackers from employing known exploits and security holes. Very thorough info about each intrusion attempt is recorded and the logs the firewall maintains are a lot more comprehensive than the conventional logs created by the Apache server, so you could later analyze them and determine if you need to take additional measures in order to increase the protection of your script-driven websites.

ModSecurity in Cloud Hosting

We offer ModSecurity with all cloud hosting packages, so your Internet apps shall be protected against harmful attacks. The firewall is switched on as standard for all domains and subdomains, but in case you would like, you'll be able to stop it using the respective area of your Hepsia CP. You can also activate a detection mode, so ModSecurity will keep a log as intended, but shall not take any action. The logs which you'll find within Hepsia are incredibly detailed and feature data about the nature of any attack, when it occurred and from what IP address, the firewall rule which was triggered, and so forth. We employ a range of commercial rules which are frequently updated, but sometimes our admins include custom rules as well in order to efficiently protect the websites hosted on our machines.

ModSecurity in Semi-dedicated Hosting

We've incorporated ModSecurity as a standard inside all semi-dedicated hosting packages, so your web applications shall be protected the instant you set them up under any domain or subdomain. The Hepsia Control Panel which comes with the semi-dedicated accounts will permit you to activate or disable the firewall for any Internet site with a click. You will also be able to turn on a passive detection mode with which ModSecurity will maintain a log of possible attacks without really stopping them. The thorough logs include the nature of the attack and what ModSecurity response that attack triggered, where it came from, and so on. The list of rules which we employ is frequently updated in order to match any new risks which may appear on the Internet and it features both commercial rules that we get from a security company and custom-written ones that our admins include in case they find a threat that is not present within the commercial list yet.

ModSecurity in Dedicated Hosting

ModSecurity is offered by default with all dedicated servers which are set up with the Hepsia Control Panel and is set to “Active” automatically for any domain which you host or subdomain which you create on the web server. In the event that a web app does not work adequately, you may either disable the firewall or set it to work in passive mode. The latter means that ModSecurity will keep a log of any possible attack that may occur, but shall not take any action to prevent it. The logs generated in passive or active mode will provide you with additional details about the exact file which was attacked, the form of the attack and the IP address it originated from, etcetera. This information will allow you to decide what actions you can take to enhance the protection of your websites, such as blocking IPs or performing script and plugin updates. The ModSecurity rules which we use are updated regularly with a commercial package from a third-party security enterprise we work with, but sometimes our admins include their own rules as well in case they find a new potential threat.