ModSecurity is an efficient firewall for Apache web servers that's used to stop attacks against web apps. It tracks the HTTP traffic to a particular site in real time and blocks any intrusion attempts the instant it discovers them. The firewall uses a set of rules to do that - for example, attempting to log in to a script admin area without success a few times sets off one rule, sending a request to execute a particular file that could result in getting access to the Internet site triggers another rule, and so on. ModSecurity is amongst the best firewalls on the market and it'll secure even scripts which are not updated regularly as it can prevent attackers from employing known exploits and security holes. Incredibly comprehensive information about every single intrusion attempt is recorded and the logs the firewall keeps are far more specific than the regular logs provided by the Apache server, so you could later analyze them and determine whether you need to take extra measures in order to enhance the security of your script-driven websites.

ModSecurity in Semi-dedicated Servers

ModSecurity is a part of our semi-dedicated server plans and if you decide to host your sites with our company, there shall not be anything special you will have to do as the firewall is switched on by default for all domains and subdomains which you add through your hosting CP. If needed, you can disable ModSecurity for a given site or switch on the so-called detection mode in which case the firewall will still work and record information, but will not do anything to stop possible attacks on your sites. Comprehensive logs shall be accessible in your Control Panel and you'll be able to see what type of attacks occurred, what security rules were triggered and how the firewall handled the threats, what Internet protocol addresses the attacks came from, and so on. We use 2 types of rules on our servers - commercial ones from a company that operates in the field of web security, and customized ones that our administrators sometimes add to respond to newly discovered risks promptly.

ModSecurity in VPS Servers

All VPS servers that are provided with the Hepsia Control Panel include ModSecurity. The firewall is set up and switched on by default for all domains that are hosted on the web server, so there shall not be anything special which you shall have to do to protect your Internet sites. It shall take you simply a mouse click to stop ModSecurity if necessary or to activate its passive mode so that it records what occurs without taking any measures to stop intrusions. You will be able to look at the logs created in active or passive mode from the corresponding section of Hepsia and discover more about the form of the attack, where it came from, what rule the firewall employed to take care of it, etcetera. We use a combination of commercial and custom rules so as to ensure that ModSecurity will block out as many threats as possible, hence increasing the protection of your web programs as much as possible.

ModSecurity in Dedicated Servers

All of our dedicated servers which are installed with the Hepsia hosting Control Panel include ModSecurity, so any app you upload or set up will be protected from the very beginning and you'll not need to bother about common attacks or vulnerabilities. An individual section inside Hepsia will enable you to start or stop the firewall for every domain or subdomain, or switch on a detection mode so that it records information regarding intrusions, but does not take actions to prevent them. What you shall discover in the logs shall enable you to to secure your Internet sites better - the IP an attack originated from, what website was attacked and how, what ModSecurity rule was triggered, and so on. With this information, you could see if an Internet site needs an update, whether you need to block IPs from accessing your hosting server, etc. Aside from the third-party commercial security rules for ModSecurity we use, our admins include custom ones as well every time they find a new threat that's not yet a part of the commercial bundle.