ModSecurity is an effective firewall for Apache web servers which is used to stop attacks against web applications. It tracks the HTTP traffic to a given website in real time and prevents any intrusion attempts as soon as it identifies them. The firewall relies on a set of rules to accomplish that - as an example, trying to log in to a script admin area unsuccessfully many times triggers one rule, sending a request to execute a specific file that may result in gaining access to the website triggers a different rule, etcetera. ModSecurity is among the best firewalls available and it will secure even scripts which aren't updated frequently since it can prevent attackers from employing known exploits and security holes. Very thorough information about each intrusion attempt is recorded and the logs the firewall keeps are far more comprehensive than the regular logs provided by the Apache server, so you may later analyze them and decide if you need to take extra measures in order to boost the protection of your script-driven sites.

ModSecurity in Shared Website Hosting

ModSecurity comes standard with all shared website hosting packages that we offer and it shall be turned on automatically for any domain or subdomain that you add/create inside your Hepsia hosting CP. The firewall has three different modes, so you can activate and disable it with simply a click or set it to detection mode, so it'll keep a log of all attacks, but it'll not do anything to prevent them. The log for any of your sites will feature detailed info which includes the nature of the attack, where it originated from, what action was taken by ModSecurity, etcetera. The firewall rules which we use are regularly updated and incorporate both commercial ones we get from a third-party security company and custom ones which our system administrators include in the event that they detect a new type of attacks. This way, the websites you host here will be way more secure with no action required on your end.

ModSecurity in Semi-dedicated Servers

Any web program you set up inside your new semi-dedicated server account shall be protected by ModSecurity as the firewall is included with all our hosting solutions and is activated by default for any domain and subdomain which you include or create using your Hepsia hosting CP. You'll be able to manage ModSecurity via a dedicated area inside Hepsia where not simply could you activate or deactivate it fully, but you can also activate a passive mode, so the firewall won't stop anything, but it shall still maintain a record of potential attacks. This normally requires only a click and you'll be able to view the logs no matter if ModSecurity is in active or passive mode through the same section - what the attack was and where it originated from, how it was taken care of, etcetera. The firewall employs two sets of rules on our web servers - a commercial one that we get from a third-party web security company and a custom one that our administrators update personally in order to respond to recently discovered risks at the earliest opportunity.

ModSecurity in Dedicated Servers

ModSecurity is offered by default with all dedicated servers which are set up with the Hepsia Control Panel and is set to “Active” automatically for any domain you host or subdomain which you create on the server. Just in case that a web app does not work correctly, you could either turn off the firewall or set it to function in passive mode. The latter means that ModSecurity will maintain a log of any potential attack that may happen, but will not take any action to prevent it. The logs produced in active or passive mode will offer you additional details about the exact file that was attacked, the nature of the attack and the IP address it originated from, and so forth. This info shall enable you to choose what actions you can take to boost the security of your sites, including blocking IPs or performing script and plugin updates. The ModSecurity rules that we use are updated often with a commercial pack from a third-party security company we work with, but occasionally our administrators include their own rules also when they come across a new potential threat.