ModSecurity is an efficient firewall for Apache web servers which is used to prevent attacks toward web apps. It keeps track of the HTTP traffic to a particular website in real time and prevents any intrusion attempts as soon as it detects them. The firewall relies on a set of rules to do that - for example, trying to log in to a script admin area without success several times sets off one rule, sending a request to execute a specific file which may result in getting access to the Internet site triggers a different rule, and so on. ModSecurity is among the best firewalls out there and it'll secure even scripts that are not updated regularly because it can prevent attackers from employing known exploits and security holes. Quite comprehensive information about every single intrusion attempt is recorded and the logs the firewall keeps are a lot more specific than the conventional logs provided by the Apache server, so you can later take a look at them and determine whether you need to take more measures so as to boost the protection of your script-driven Internet sites.

ModSecurity in Cloud Hosting

ModSecurity is supplied with all cloud hosting servers, so when you choose to host your Internet sites with our company, they shall be shielded from a wide array of attacks. The firewall is turned on by default for all domains and subdomains, so there'll be nothing you shall need to do on your end. You will be able to stop ModSecurity for any website if necessary, or to switch on a detection mode, so all activity will be recorded, but the firewall won't take any real action. You'll be able to view comprehensive logs using your Hepsia CP including the IP address where the attack came from, what the attacker wanted to do and how ModSecurity dealt with the threat. Since we take the protection of our clients' websites seriously, we use a set of commercial rules that we take from one of the top firms that maintain this kind of rules. Our admins also include custom rules to make certain that your websites will be protected against as many risks as possible.

ModSecurity in Semi-dedicated Hosting

We have included ModSecurity by default in all semi-dedicated hosting products, so your web apps shall be protected as soon as you install them under any domain or subdomain. The Hepsia Control Panel that is included with the semi-dedicated accounts will allow you to enable or turn off the firewall for any website with a mouse click. You will also be able to turn on a passive detection mode through which ModSecurity shall keep a log of potential attacks without actually stopping them. The comprehensive logs include things like the nature of the attack and what ModSecurity response that attack initiated, where it originated from, and so forth. The list of rules we use is constantly updated as to match any new threats that could appear on the Internet and it comes with both commercial rules that we get from a security firm and custom-written ones which our admins include in the event that they find a threat that's not present within the commercial list yet.

ModSecurity in Dedicated Web Hosting

ModSecurity is offered by default with all dedicated servers which are set up with the Hepsia Control Panel and is set to “Active” automatically for any domain you host or subdomain you create on the server. In case that a web app doesn't operate correctly, you may either switch off the firewall or set it to operate in passive mode. The second means that ModSecurity will maintain a log of any potential attack that may happen, but shall not take any action to prevent it. The logs produced in active or passive mode shall offer you additional details about the exact file which was attacked, the type of the attack and the IP address it originated from, etc. This info will permit you to choose what steps you can take to improve the safety of your Internet sites, such as blocking IPs or carrying out script and plugin updates. The ModSecurity rules which we use are updated regularly with a commercial package from a third-party security firm we work with, but from time to time our admins include their own rules also in the event that they discover a new potential threat.