ModSecurity is an efficient firewall for Apache web servers which is used to prevent attacks toward web apps. It tracks the HTTP traffic to a given website in real time and stops any intrusion attempts the moment it identifies them. The firewall uses a set of rules to do that - as an illustration, trying to log in to a script admin area without success a few times triggers one rule, sending a request to execute a particular file that may result in gaining access to the site triggers another rule, and so on. ModSecurity is one of the best firewalls around and it'll secure even scripts which aren't updated on a regular basis because it can prevent attackers from using known exploits and security holes. Incredibly thorough information about every single intrusion attempt is recorded and the logs the firewall keeps are a lot more detailed than the standard logs created by the Apache server, so you can later take a look at them and determine whether you need to take additional measures in order to enhance the protection of your script-driven websites.

ModSecurity in Cloud Hosting

ModSecurity can be found with each cloud hosting solution which we provide and it's turned on by default for every domain or subdomain that you include via your Hepsia CP. In the event that it disrupts any of your applications or you'd like to disable it for any reason, you'll be able to accomplish that through the ModSecurity section of Hepsia with simply a click. You can also use a passive mode, so the firewall will recognize possible attacks and keep a log, but will not take any action. You could see comprehensive logs in the very same section, including the IP address where the attack originated from, exactly what the attacker aimed to do and at what time, what ModSecurity did, etc. For max protection of our clients we use a set of commercial firewall rules mixed with custom ones which are added by our system admins.

ModSecurity in Semi-dedicated Servers

All semi-dedicated server packages that we offer include ModSecurity and given that the firewall is switched on by default, any website you build under a domain or a subdomain will be secured right away. An individual section in the Hepsia CP that comes with the semi-dedicated accounts is dedicated to ModSecurity and it will enable you to stop and start the firewall for any website or activate a detection mode. With the last option, ModSecurity will not take any action, but it shall still identify possible attacks and will keep all data within a log as if it were fully active. The logs could be found in the same section of the CP and they offer details about the IP where an attack originated from, what its nature was, what rule ModSecurity applies to recognize and stop it, and so on. The security rules we employ on our servers are a mix of commercial ones from a security business and custom ones developed by our system admins. Therefore, we provide higher security for your web apps as we can protect them from attacks before security firms release updates for brand new threats.