ModSecurity is a powerful firewall for Apache web servers which is used to prevent attacks against web applications. It tracks the HTTP traffic to a specific site in real time and blocks any intrusion attempts the moment it identifies them. The firewall relies on a set of rules to do this - for instance, trying to log in to a script administration area unsuccessfully a few times sets off one rule, sending a request to execute a particular file which may result in getting access to the site triggers a different rule, and so forth. ModSecurity is amongst the best firewalls on the market and it will secure even scripts which aren't updated often since it can prevent attackers from using known exploits and security holes. Quite thorough data about each and every intrusion attempt is recorded and the logs the firewall maintains are far more comprehensive than the regular logs provided by the Apache server, so you may later analyze them and determine if you need to take more measures in order to boost the protection of your script-driven websites.

ModSecurity in Cloud Hosting

ModSecurity is available with each cloud hosting package which we offer and it is switched on by default for every domain or subdomain that you include through your Hepsia Control Panel. In case it disrupts any of your apps or you would like to disable it for any reason, you will be able to do that through the ModSecurity section of Hepsia with only a click. You may also enable a passive mode, so the firewall will detect potential attacks and maintain a log, but won't take any action. You can see detailed logs in the same section, including the IP where the attack originated from, exactly what the attacker attempted to do and at what time, what ModSecurity did, and so on. For max security of our customers we use a collection of commercial firewall rules mixed with custom ones which are provided by our system administrators.

ModSecurity in Semi-dedicated Servers

ModSecurity is a part of our semi-dedicated server packages and if you decide to host your sites with our company, there won't be anything special you'll have to do as the firewall is activated by default for all domains and subdomains you add through your hosting Control Panel. If needed, you'll be able to disable ModSecurity for a certain site or turn on the so-called detection mode in which case the firewall will still operate and record data, but will not do anything to prevent potential attacks on your sites. Comprehensive logs will be accessible inside your Control Panel and you'll be able to see what type of attacks took place, what security rules were triggered and how the firewall addressed the threats, what IP addresses the attacks came from, etc. We employ 2 sorts of rules on our servers - commercial ones from an organization that operates in the field of web security, and custom made ones which our admins sometimes add to respond to newly found threats in a timely manner.

ModSecurity in Dedicated Servers

All of our dedicated servers that are installed with the Hepsia hosting Control Panel feature ModSecurity, so any application which you upload or set up shall be properly secured from the very beginning and you won't need to worry about common attacks or vulnerabilities. An independent section within Hepsia will permit you to start or stop the firewall for every domain or subdomain, or activate a detection mode so that it records info about intrusions, but does not take actions to prevent them. What you'll see in the logs can easily help you to secure your websites better - the IP an attack came from, what site was attacked and in what way, what ModSecurity rule was triggered, and so forth. With this information, you can see if a site needs an update, if you ought to block IPs from accessing your web server, etc. Besides the third-party commercial security rules for ModSecurity which we use, our admins include custom ones too if they discover a new threat which is not yet a part of the commercial bundle.