ModSecurity is a powerful firewall for Apache web servers which is used to prevent attacks toward web apps. It tracks the HTTP traffic to a particular Internet site in real time and stops any intrusion attempts as soon as it discovers them. The firewall relies on a set of rules to do this - for example, trying to log in to a script administration area without success a few times activates one rule, sending a request to execute a particular file which could result in accessing the Internet site triggers a different rule, etc. ModSecurity is amongst the best firewalls out there and it will secure even scripts that aren't updated often as it can prevent attackers from employing known exploits and security holes. Incredibly detailed information about each and every intrusion attempt is recorded and the logs the firewall maintains are far more detailed than the conventional logs generated by the Apache server, so you may later take a look at them and determine whether you need to take extra measures so as to enhance the protection of your script-driven Internet sites.

ModSecurity in Hosting

ModSecurity comes standard with all hosting plans which we supply and it will be activated automatically for any domain or subdomain that you add/create in your Hepsia hosting CP. The firewall has 3 different modes, so you'll be able to switch on and deactivate it with just a click or set it to detection mode, so it'll maintain a log of all attacks, but it will not do anything to prevent them. The log for any of your websites will contain comprehensive info including the nature of the attack, where it came from, what action was taken by ModSecurity, and so forth. The firewall rules that we use are frequently updated and include both commercial ones which we get from a third-party security business and custom ones our system administrators include in case that they detect a new kind of attacks. In this way, the sites which you host here shall be far more protected with no action required on your end.

ModSecurity in Dedicated Servers

ModSecurity is available as standard with all dedicated servers that are set up with the Hepsia CP and is set to “Active” automatically for any domain you host or subdomain that you create on the hosting server. Just in case that a web application does not function adequately, you can either disable the firewall or set it to function in passive mode. The latter means that ModSecurity will maintain a log of any potential attack that may happen, but will not take any action to stop it. The logs created in passive or active mode will present you with additional details about the exact file which was attacked, the nature of the attack and the IP it originated from, and so forth. This information will enable you to decide what measures you can take to improve the safety of your sites, such as blocking IPs or carrying out script and plugin updates. The ModSecurity rules we use are updated constantly with a commercial bundle from a third-party security provider we work with, but occasionally our staff add their own rules also when they identify a new potential threat.