ModSecurity is a highly effective firewall for Apache web servers which is employed to prevent attacks against web applications. It monitors the HTTP traffic to a specific website in real time and blocks any intrusion attempts as soon as it detects them. The firewall relies on a set of rules to accomplish that - as an illustration, trying to log in to a script administration area unsuccessfully several times sets off one rule, sending a request to execute a certain file which may result in getting access to the site triggers another rule, and so forth. ModSecurity is amongst the best firewalls available and it'll protect even scripts which aren't updated regularly since it can prevent attackers from using known exploits and security holes. Incredibly detailed information about every single intrusion attempt is recorded and the logs the firewall maintains are much more detailed than the conventional logs provided by the Apache server, so you could later take a look at them and determine whether you need to take additional measures in order to improve the protection of your script-driven sites.

ModSecurity in Hosting

ModSecurity is available with every single hosting plan which we offer and it is switched on by default for any domain or subdomain which you add through your Hepsia Control Panel. In the event that it disrupts any of your applications or you'd like to disable it for some reason, you will be able to accomplish that through the ModSecurity area of Hepsia with simply a mouse click. You may also enable a passive mode, so the firewall will identify possible attacks and maintain a log, but shall not take any action. You could see comprehensive logs in the same section, including the IP address where the attack originated from, what precisely the attacker tried to do and at what time, what ModSecurity did, and so forth. For max safety of our clients we use a collection of commercial firewall rules mixed with custom ones which are added by our system administrators.

ModSecurity in Semi-dedicated Hosting

ModSecurity is a part of our semi-dedicated hosting packages and if you choose to host your websites with our company, there won't be anything special you will have to do as the firewall is activated by default for all domains and subdomains which you add via your hosting CP. If necessary, you can disable ModSecurity for a particular site or enable the so-called detection mode in which case the firewall will still function and record info, but won't do anything to prevent potential attacks on your websites. Thorough logs will be accessible in your CP and you'll be able to see what type of attacks occurred, what security rules were triggered and how the firewall addressed the threats, what IP addresses the attacks came from, etcetera. We use two kinds of rules on our servers - commercial ones from an organization that operates in the field of web security, and custom made ones that our administrators occasionally include to respond to newly identified risks on time.

ModSecurity in Dedicated Hosting

ModSecurity is offered by default with all dedicated servers that are set up with the Hepsia Control Panel and is set to “Active” automatically for any domain which you host or subdomain which you create on the server. In the event that a web application doesn't operate properly, you could either turn off the firewall or set it to work in passive mode. The second means that ModSecurity will maintain a log of any potential attack that may take place, but shall not take any action to prevent it. The logs produced in passive or active mode shall present you with more details about the exact file that was attacked, the type of the attack and the IP it originated from, etcetera. This data shall permit you to determine what steps you can take to enhance the safety of your Internet sites, including blocking IPs or carrying out script and plugin updates. The ModSecurity rules that we use are updated regularly with a commercial pack from a third-party security company we work with, but oftentimes our staff include their own rules as well in the event that they come across a new potential threat.