ModSecurity is an effective firewall for Apache web servers that's used to prevent attacks towards web apps. It keeps track of the HTTP traffic to a specific Internet site in real time and prevents any intrusion attempts the instant it discovers them. The firewall relies on a set of rules to do that - for instance, trying to log in to a script administration area without success a few times sets off one rule, sending a request to execute a certain file which could result in accessing the site triggers another rule, etc. ModSecurity is among the best firewalls out there and it'll protect even scripts which aren't updated frequently because it can prevent attackers from employing known exploits and security holes. Quite detailed data about each intrusion attempt is recorded and the logs the firewall keeps are considerably more comprehensive than the regular logs provided by the Apache server, so you can later analyze them and determine if you need to take extra measures in order to boost the protection of your script-driven sites.

ModSecurity in Website Hosting

We offer ModSecurity with all website hosting plans, so your web apps shall be protected against harmful attacks. The firewall is turned on as standard for all domains and subdomains, but if you'd like, you shall be able to stop it through the respective part of your Hepsia CP. You can also activate a detection mode, so ModSecurity will keep a log as intended, but won't take any action. The logs which you shall discover inside Hepsia are quite detailed and offer data about the nature of any attack, when it occurred and from what IP address, the firewall rule that was triggered, etcetera. We use a group of commercial rules which are often updated, but sometimes our administrators add custom rules as well in order to better protect the websites hosted on our machines.

ModSecurity in Semi-dedicated Servers

Any web application that you set up within your new semi-dedicated server account will be protected by ModSecurity as the firewall is provided with all our hosting solutions and is activated by default for any domain and subdomain that you include or create through your Hepsia hosting CP. You'll be able to manage ModSecurity through a dedicated area inside Hepsia where not only can you activate or deactivate it fully, but you could also activate a passive mode, so the firewall shall not stop anything, but it will still maintain an archive of potential attacks. This takes just a mouse click and you'll be able to view the logs regardless if ModSecurity is in active or passive mode through the same section - what the attack was and where it came from, how it was addressed, and so on. The firewall uses 2 groups of rules on our web servers - a commercial one which we get from a third-party web security company and a custom one which our administrators update manually as to respond to newly discovered threats as quickly as possible.

ModSecurity in Dedicated Servers

If you opt to host your sites on a dedicated server with the Hepsia Control Panel, your web programs shall be protected immediately since ModSecurity is provided with all Hepsia-based solutions. You will be able to regulate the firewall easily and if needed, you will be able to turn it off or enable its passive mode when it shall only keep a log of what is occurring without taking any action to stop possible attacks. The logs which you will find in the very same section of the CP are extremely detailed and include info about the attacker IP address, what website and file were attacked and in what ways, what rule the firewall used to stop the intrusion, etcetera. This info shall permit you to take measures and boost the security of your websites even more. To be on the safe side, we employ not only commercial rules, but also custom-made ones which our administrators include when they recognize attacks which haven't yet been included in the commercial pack.