ModSecurity is an efficient firewall for Apache web servers that's used to stop attacks against web applications. It tracks the HTTP traffic to a given website in real time and blocks any intrusion attempts the moment it discovers them. The firewall uses a set of rules to do this - for instance, trying to log in to a script administration area without success many times activates one rule, sending a request to execute a specific file that may result in gaining access to the Internet site triggers another rule, and so on. ModSecurity is among the best firewalls available on the market and it will protect even scripts which aren't updated on a regular basis since it can prevent attackers from employing known exploits and security holes. Very comprehensive data about each intrusion attempt is recorded and the logs the firewall keeps are far more detailed than the conventional logs generated by the Apache server, so you may later analyze them and determine if you need to take extra measures so as to boost the safety of your script-driven websites.

ModSecurity in Cloud Website Hosting

ModSecurity comes standard with all cloud website hosting packages which we provide and it shall be turned on automatically for any domain or subdomain which you add/create within your Hepsia hosting CP. The firewall has 3 different modes, so you'll be able to activate and deactivate it with just a click or set it to detection mode, so it will maintain a log of all attacks, but it shall not do anything to prevent them. The log for any of your Internet sites shall contain detailed information which includes the nature of the attack, where it originated from, what action was taken by ModSecurity, etc. The firewall rules which we use are regularly updated and include both commercial ones which we get from a third-party security company and custom ones that our system admins include in case that they detect a new type of attacks. That way, the sites that you host here will be far more protected without any action needed on your end.

ModSecurity in Semi-dedicated Servers

Any web application which you install in your new semi-dedicated server account will be protected by ModSecurity as the firewall is included with all our hosting plans and is switched on by default for any domain and subdomain you add or create using your Hepsia hosting CP. You will be able to manage ModSecurity via a dedicated section within Hepsia where not only could you activate or deactivate it completely, but you can also switch on a passive mode, so the firewall will not stop anything, but it'll still maintain an archive of potential attacks. This normally requires only a click and you shall be able to see the logs regardless of if ModSecurity is in passive or active mode through the same section - what the attack was and where it originated from, how it was dealt with, etc. The firewall uses two groups of rules on our machines - a commercial one which we get from a third-party web security firm and a custom one that our admins update personally as to respond to newly discovered risks as soon as possible.

ModSecurity in Dedicated Servers

All our dedicated servers that are set up with the Hepsia hosting Control Panel include ModSecurity, so any app which you upload or install shall be secured from the very beginning and you won't need to stress about common attacks or vulnerabilities. An individual section within Hepsia will allow you to start or stop the firewall for each and every domain or subdomain, or turn on a detection mode so that it records information about intrusions, but doesn't take actions to prevent them. What you'll discover in the logs shall allow you to to secure your sites better - the IP an attack came from, what website was attacked and how, what ModSecurity rule was triggered, etc. With this data, you'll be able to see if an Internet site needs an update, whether you should block IPs from accessing your hosting server, etc. In addition to the third-party commercial security rules for ModSecurity that we use, our administrators include custom ones too whenever they come across a new threat that is not yet in the commercial bundle.