ModSecurity is an efficient firewall for Apache web servers that's used to stop attacks against web apps. It monitors the HTTP traffic to a specific Internet site in real time and prevents any intrusion attempts the instant it identifies them. The firewall relies on a set of rules to do that - as an example, trying to log in to a script admin area without success many times triggers one rule, sending a request to execute a specific file that could result in gaining access to the Internet site triggers another rule, etc. ModSecurity is among the best firewalls available and it will preserve even scripts that aren't updated regularly because it can prevent attackers from employing known exploits and security holes. Incredibly comprehensive information about every single intrusion attempt is recorded and the logs the firewall keeps are considerably more comprehensive than the conventional logs created by the Apache server, so you may later examine them and decide if you need to take more measures so as to increase the security of your script-driven websites.

ModSecurity in Hosting

ModSecurity comes standard with all hosting packages which we supply and it'll be activated automatically for any domain or subdomain you add/create in your Hepsia hosting CP. The firewall has 3 different modes, so you'll be able to switch on and disable it with just a mouse click or set it to detection mode, so it shall maintain a log of all attacks, but it'll not do anything to stop them. The log for any of your websites shall feature detailed information including the nature of the attack, where it came from, what action was taken by ModSecurity, etcetera. The firewall rules which we use are frequently updated and comprise of both commercial ones which we get from a third-party security business and custom ones our system administrators include in the event that they detect a new type of attacks. That way, the sites that you host here shall be far more secure with no action required on your end.

ModSecurity in Semi-dedicated Hosting

All semi-dedicated hosting plans which we offer feature ModSecurity and because the firewall is switched on by default, any site you set up under a domain or a subdomain shall be protected right away. An individual section within the Hepsia CP that comes with the semi-dedicated accounts is dedicated to ModSecurity and it'll enable you to start and stop the firewall for any website or switch on a detection mode. With the last option, ModSecurity will not take any action, but it'll still identify possible attacks and will keep all data inside a log as if it were completely active. The logs can be found in the exact same section of the CP and they offer info about the IP where an attack originated from, what its nature was, what rule ModSecurity applies to recognize and stop it, and so on. The security rules which we use on our machines are a mix between commercial ones from a security firm and custom ones created by our system admins. Therefore, we offer greater security for your web apps as we can shield them from attacks even before security companies release updates for new threats.

ModSecurity in VPS Hosting

All virtual private servers that are set up with the Hepsia CP include ModSecurity. The firewall is set up and turned on by default for all domains which are hosted on the server, so there will not be anything special that you shall have to do to protect your Internet sites. It'll take you just a mouse click to stop ModSecurity if required or to switch on its passive mode so that it records what occurs without taking any steps to prevent intrusions. You will be able to see the logs generated in active or passive mode from the corresponding section of Hepsia and discover more about the type of the attack, where it originated from, what rule the firewall employed to deal with it, and so forth. We use a mix of commercial and custom rules in order to make sure that ModSecurity will stop as many risks as possible, hence boosting the protection of your web programs as much as possible.

ModSecurity in Dedicated Web Hosting

ModSecurity is included with all dedicated servers that are integrated with our Hepsia CP and you will not have to do anything specific on your end to employ it because it is enabled by default every time you add a new domain or subdomain on your hosting server. In case it disrupts some of your applications, you will be able to stop it via the respective section of Hepsia, or you could leave it in passive mode, so it'll detect attacks and will still keep a log for them, but shall not stop them. You'll be able to examine the logs later to find out what you can do to increase the safety of your websites since you shall find details such as where an intrusion attempt originated from, what site was attacked and in accordance with what rule ModSecurity responded, etc. The rules that we use are commercial, thus they are constantly updated by a security provider, but to be on the safe side, our admins also add custom rules from time to time as to react to any new threats they have discovered.

    • Our ID: 151274