ModSecurity is a highly effective firewall for Apache web servers that's used to prevent attacks against web applications. It monitors the HTTP traffic to a specific Internet site in real time and stops any intrusion attempts the instant it detects them. The firewall uses a set of rules to accomplish that - for example, attempting to log in to a script administration area without success many times triggers one rule, sending a request to execute a specific file that may result in getting access to the website triggers a different rule, and so on. ModSecurity is amongst the best firewalls out there and it'll preserve even scripts that are not updated on a regular basis as it can prevent attackers from using known exploits and security holes. Incredibly thorough data about every single intrusion attempt is recorded and the logs the firewall keeps are far more detailed than the conventional logs provided by the Apache server, so you may later examine them and decide whether you need to take additional measures in order to boost the safety of your script-driven sites.

ModSecurity in Cloud Website Hosting

ModSecurity is provided with all cloud website hosting servers, so when you choose to host your sites with our organization, they'll be protected against a wide range of attacks. The firewall is enabled by default for all domains and subdomains, so there will be nothing you will need to do on your end. You will be able to stop ModSecurity for any website if needed, or to switch on a detection mode, so all activity will be recorded, but the firewall shall not take any real action. You shall be able to view detailed logs from your Hepsia CP including the IP where the attack originated from, what the attacker wanted to do and how ModSecurity handled the threat. As we take the protection of our customers' sites very seriously, we use a collection of commercial rules which we take from one of the top companies which maintain such rules. Our admins also add custom rules to make certain that your Internet sites will be resistant to as many risks as possible.

ModSecurity in Semi-dedicated Servers

We've included ModSecurity as a standard inside all semi-dedicated server packages, so your web applications will be protected the instant you set them up under any domain or subdomain. The Hepsia CP that is included with the semi-dedicated accounts shall allow you to enable or turn off the firewall for any Internet site with a mouse click. You will also have the ability to switch on a passive detection mode through which ModSecurity shall keep a log of possible attacks without actually stopping them. The comprehensive logs include the nature of the attack and what ModSecurity response this attack triggered, where it originated from, and so on. The list of rules we employ is regularly updated in order to match any new threats that could appear on the Internet and it includes both commercial rules that we get from a security firm and custom-written ones that our administrators include in the event that they discover a threat that's not present inside the commercial list yet.

ModSecurity in Dedicated Servers

ModSecurity is provided by default with all dedicated servers which are set up with the Hepsia CP and is set to “Active” automatically for any domain which you host or subdomain which you create on the server. Just in case that a web application doesn't operate properly, you can either switch off the firewall or set it to function in passive mode. The latter means that ModSecurity will maintain a log of any possible attack which could happen, but will not take any action to prevent it. The logs created in passive or active mode will offer you additional details about the exact file which was attacked, the type of the attack and the IP it originated from, etc. This data will allow you to determine what steps you can take to improve the safety of your websites, such as blocking IPs or performing script and plugin updates. The ModSecurity rules we use are updated regularly with a commercial bundle from a third-party security company we work with, but occasionally our administrators add their own rules too in case they discover a new potential threat.