ModSecurity is a highly effective firewall for Apache web servers that's used to prevent attacks towards web applications. It monitors the HTTP traffic to a certain Internet site in real time and prevents any intrusion attempts the moment it detects them. The firewall relies on a set of rules to do this - for example, attempting to log in to a script administration area without success a few times sets off one rule, sending a request to execute a particular file which may result in accessing the Internet site triggers another rule, and so forth. ModSecurity is among the best firewalls available on the market and it will secure even scripts which aren't updated frequently since it can prevent attackers from employing known exploits and security holes. Quite detailed information about every intrusion attempt is recorded and the logs the firewall maintains are far more detailed than the conventional logs provided by the Apache server, so you can later analyze them and determine whether you need to take extra measures in order to increase the security of your script-driven websites.

ModSecurity in Web Hosting

We provide ModSecurity with all web hosting plans, so your Internet apps will be resistant to destructive attacks. The firewall is turned on as standard for all domains and subdomains, but if you'd like, you'll be able to stop it through the respective part of your Hepsia CP. You can also activate a detection mode, so ModSecurity will keep a log as intended, but shall not take any action. The logs that you will discover within Hepsia are extremely detailed and include information about the nature of any attack, when it occurred and from what IP, the firewall rule which was triggered, and so forth. We employ a group of commercial rules that are constantly updated, but sometimes our administrators include custom rules as well in order to efficiently protect the Internet sites hosted on our servers.

ModSecurity in Semi-dedicated Hosting

We have incorporated ModSecurity by default in all semi-dedicated hosting packages, so your web apps will be protected as soon as you install them under any domain or subdomain. The Hepsia CP that is included with the semi-dedicated accounts will permit you to switch on or disable the firewall for any website with a mouse click. You shall also have the ability to turn on a passive detection mode through which ModSecurity will keep a log of possible attacks without really stopping them. The detailed logs contain the nature of the attack and what ModSecurity response this attack activated, where it came from, and so forth. The list of rules we employ is regularly updated as to match any new risks that could appear on the Internet and it comes with both commercial rules that we get from a security corporation and custom-written ones which our admins include if they find a threat that's not present in the commercial list yet.

ModSecurity in Dedicated Servers Hosting

ModSecurity comes with all dedicated servers that are integrated with our Hepsia CP and you won't need to do anything specific on your end to use it since it's switched on by default whenever you include a new domain or subdomain on your hosting server. In the event that it disrupts some of your apps, you'll be able to stop it through the respective area of Hepsia, or you could leave it operating in passive mode, so it will identify attacks and shall still maintain a log for them, but will not block them. You'll be able to look at the logs later to determine what you can do to increase the security of your websites as you shall find information such as where an intrusion attempt originated from, what website was attacked and based upon what rule ModSecurity reacted, etc. The rules we use are commercial, therefore they're frequently updated by a security provider, but to be on the safe side, our admins also include custom rules once in a while in order to react to any new threats they have identified.