ModSecurity is an efficient firewall for Apache web servers that's employed to prevent attacks against web apps. It monitors the HTTP traffic to a given website in real time and blocks any intrusion attempts as soon as it detects them. The firewall relies on a set of rules to do that - as an illustration, attempting to log in to a script administrator area without success many times activates one rule, sending a request to execute a certain file which could result in accessing the website triggers a different rule, and so forth. ModSecurity is amongst the best firewalls on the market and it will secure even scripts that aren't updated regularly as it can prevent attackers from employing known exploits and security holes. Quite comprehensive info about every intrusion attempt is recorded and the logs the firewall maintains are much more comprehensive than the regular logs created by the Apache server, so you may later analyze them and determine if you need to take extra measures in order to improve the protection of your script-driven Internet sites.

ModSecurity in Semi-dedicated Hosting

All semi-dedicated hosting solutions which we offer feature ModSecurity and given that the firewall is switched on by default, any Internet site you set up under a domain or a subdomain shall be secured immediately. A separate section within the Hepsia CP which comes with the semi-dedicated accounts is dedicated to ModSecurity and it will permit you to stop and start the firewall for any website or enable a detection mode. With the last mentioned, ModSecurity shall not take any action, but it shall still identify possible attacks and will keep all info inside a log as if it were fully active. The logs can be found in the very same section of the CP and they include details about the IP where an attack came from, what its nature was, what rule ModSecurity applies to detect and stop it, and so forth. The security rules that we employ on our servers are a mix between commercial ones from a security company and custom ones made by our system administrators. Consequently, we provide increased security for your web apps as we can protect them from attacks even before security businesses release updates for brand new threats.

ModSecurity in Dedicated Hosting

ModSecurity is provided by default with all dedicated servers that are set up with the Hepsia Control Panel and is set to “Active” automatically for any domain which you host or subdomain that you create on the server. Just in case that a web app does not work correctly, you may either disable the firewall or set it to operate in passive mode. The second means that ModSecurity will keep a log of any possible attack that could take place, but will not take any action to stop it. The logs produced in active or passive mode will offer you more details about the exact file which was attacked, the form of the attack and the IP it came from, etc. This data shall allow you to determine what measures you can take to enhance the security of your sites, such as blocking IPs or performing script and plugin updates. The ModSecurity rules that we use are updated regularly with a commercial pack from a third-party security provider we work with, but sometimes our administrators include their own rules too in case they identify a new potential threat.