ModSecurity is a powerful firewall for Apache web servers which is employed to prevent attacks toward web apps. It monitors the HTTP traffic to a specific site in real time and prevents any intrusion attempts the instant it discovers them. The firewall uses a set of rules to do that - for example, attempting to log in to a script administration area without success several times activates one rule, sending a request to execute a certain file which could result in getting access to the website triggers a different rule, and so forth. ModSecurity is amongst the best firewalls around and it'll secure even scripts which are not updated on a regular basis as it can prevent attackers from using known exploits and security holes. Very thorough info about each intrusion attempt is recorded and the logs the firewall keeps are a lot more detailed than the standard logs provided by the Apache server, so you could later take a look at them and decide if you need to take more measures so as to boost the protection of your script-driven websites.

ModSecurity in Cloud Web Hosting

ModSecurity is provided with all cloud web hosting servers, so if you opt to host your Internet sites with our business, they shall be shielded from a wide range of attacks. The firewall is turned on by default for all domains and subdomains, so there will be nothing you shall need to do on your end. You'll be able to stop ModSecurity for any Internet site if required, or to activate a detection mode, so all activity shall be recorded, but the firewall will not take any real action. You shall be able to view specific logs through your Hepsia CP including the IP address where the attack came from, what the attacker wanted to do and how ModSecurity handled the threat. Since we take the protection of our customers' Internet sites seriously, we employ a set of commercial rules which we get from one of the best firms that maintain this type of rules. Our administrators also include custom rules to make sure that your sites shall be resistant to as many threats as possible.

ModSecurity in Semi-dedicated Servers

ModSecurity is a part of our semi-dedicated server plans and if you decide to host your Internet sites with our company, there won't be anything special you will have to do since the firewall is activated by default for all domains and subdomains that you include through your hosting CP. If necessary, you could disable ModSecurity for a particular site or turn on the so-called detection mode in which case the firewall will still work and record information, but shall not do anything to prevent possible attacks against your Internet sites. Detailed logs shall be available in your Control Panel and you will be able to see which kind of attacks happened, what security rules were triggered and how the firewall dealt with the threats, what IP addresses the attacks originated from, and so forth. We use two kinds of rules on our servers - commercial ones from a business which operates in the field of web security, and customized ones that our admins often add to respond to newly found threats in a timely manner.

ModSecurity in Dedicated Servers

If you decide to host your websites on a dedicated server with the Hepsia CP, your web programs shall be protected immediately because ModSecurity is provided with all Hepsia-based packages. You shall be able to regulate the firewall without difficulty and if necessary, you'll be able to turn it off or activate its passive mode when it shall only keep a log of what is occurring without taking any action to stop potential attacks. The logs that you will find within the very same section of the CP are very detailed and feature data about the attacker IP address, what site and file were attacked and in what way, what rule the firewall employed to prevent the intrusion, etc. This info will enable you to take measures and improve the security of your Internet sites even more. To be on the safe side, we use not only commercial rules, but also custom-made ones which our administrators add whenever they recognize attacks which haven't yet been included in the commercial pack.