ModSecurity is an effective firewall for Apache web servers which is used to prevent attacks toward web apps. It tracks the HTTP traffic to a particular Internet site in real time and stops any intrusion attempts as soon as it discovers them. The firewall relies on a set of rules to do this - as an example, attempting to log in to a script administrator area unsuccessfully many times triggers one rule, sending a request to execute a specific file that could result in getting access to the website triggers another rule, and so forth. ModSecurity is amongst the best firewalls around and it'll preserve even scripts that aren't updated often because it can prevent attackers from employing known exploits and security holes. Very comprehensive info about every single intrusion attempt is recorded and the logs the firewall keeps are far more comprehensive than the regular logs provided by the Apache server, so you may later analyze them and decide whether you need to take additional measures so as to boost the safety of your script-driven Internet sites.

ModSecurity in Shared Hosting

ModSecurity is supplied with all shared hosting servers, so if you opt to host your sites with our organization, they shall be shielded from an array of attacks. The firewall is enabled by default for all domains and subdomains, so there'll be nothing you will need to do on your end. You'll be able to stop ModSecurity for any site if needed, or to activate a detection mode, so all activity shall be recorded, but the firewall shall not take any real action. You shall be able to view detailed logs using your Hepsia Control Panel including the IP where the attack originated from, what the attacker wished to do and how ModSecurity addressed the threat. Since we take the protection of our clients' Internet sites very seriously, we use a group of commercial rules which we take from one of the top companies that maintain this sort of rules. Our administrators also include custom rules to make sure that your Internet sites shall be protected against as many threats as possible.

ModSecurity in Semi-dedicated Servers

Any web app which you set up in your new semi-dedicated server account will be protected by ModSecurity as the firewall is included with all our hosting solutions and is switched on by default for any domain and subdomain you include or create using your Hepsia hosting CP. You will be able to manage ModSecurity via a dedicated section in Hepsia where not only can you activate or deactivate it fully, but you could also switch on a passive mode, so the firewall will not block anything, but it will still keep a record of possible attacks. This requires simply a mouse click and you'll be able to view the logs regardless if ModSecurity is in active or passive mode through the same section - what the attack was and where it originated from, how it was dealt with, and so on. The firewall uses two groups of rules on our servers - a commercial one that we get from a third-party web security firm and a custom one that our administrators update personally in order to respond to recently discovered risks immediately.