ModSecurity is an efficient firewall for Apache web servers which is employed to prevent attacks toward web applications. It monitors the HTTP traffic to a particular Internet site in real time and prevents any intrusion attempts the moment it discovers them. The firewall uses a set of rules to do that - for instance, trying to log in to a script admin area without success several times activates one rule, sending a request to execute a specific file that may result in accessing the Internet site triggers another rule, and so forth. ModSecurity is among the best firewalls around and it will protect even scripts which are not updated regularly since it can prevent attackers from using known exploits and security holes. Incredibly detailed data about every single intrusion attempt is recorded and the logs the firewall maintains are considerably more detailed than the regular logs provided by the Apache server, so you could later analyze them and determine if you need to take extra measures in order to improve the safety of your script-driven sites.

ModSecurity in Shared Hosting

ModSecurity can be found with each shared hosting plan that we provide and it is activated by default for any domain or subdomain that you add through your Hepsia Control Panel. In case it disrupts any of your apps or you would like to disable it for whatever reason, you'll be able to achieve that through the ModSecurity section of Hepsia with merely a click. You may also enable a passive mode, so the firewall will identify potential attacks and maintain a log, but won't take any action. You could see detailed logs in the same section, including the IP where the attack came from, what precisely the attacker tried to do and at what time, what ModSecurity did, etcetera. For maximum safety of our clients we use a group of commercial firewall rules blended with custom ones which are included by our system admins.

ModSecurity in Semi-dedicated Hosting

ModSecurity is a part of our semi-dedicated hosting solutions and if you decide to host your sites with us, there will not be anything special you will have to do since the firewall is activated by default for all domains and subdomains which you include via your hosting CP. If necessary, you can disable ModSecurity for a given site or turn on the so-called detection mode in which case the firewall shall still operate and record data, but won't do anything to prevent possible attacks against your Internet sites. Comprehensive logs will be accessible inside your Control Panel and you'll be able to see which kind of attacks happened, what security rules were triggered and how the firewall addressed the threats, what IP addresses the attacks originated from, and so forth. We employ 2 kinds of rules on our servers - commercial ones from a company that operates in the field of web security, and customized ones which our admins occasionally include to respond to newly discovered threats promptly.

ModSecurity in Dedicated Servers Hosting

ModSecurity is offered by default with all dedicated servers which are set up with the Hepsia Control Panel and is set to “Active” automatically for any domain which you host or subdomain which you create on the hosting server. In case that a web app doesn't work correctly, you could either turn off the firewall or set it to operate in passive mode. The second means that ModSecurity shall maintain a log of any potential attack which may happen, but will not take any action to stop it. The logs created in passive or active mode will give you more details about the exact file which was attacked, the form of the attack and the IP it came from, etcetera. This info shall enable you to choose what actions you can take to increase the security of your websites, such as blocking IPs or performing script and plugin updates. The ModSecurity rules which we employ are updated often with a commercial pack from a third-party security company we work with, but from time to time our staff add their own rules also in the event that they identify a new potential threat.