ModSecurity is an effective firewall for Apache web servers that is employed to prevent attacks toward web apps. It tracks the HTTP traffic to a given Internet site in real time and prevents any intrusion attempts as soon as it discovers them. The firewall relies on a set of rules to accomplish that - as an example, trying to log in to a script administrator area unsuccessfully many times triggers one rule, sending a request to execute a particular file which could result in accessing the Internet site triggers another rule, etc. ModSecurity is amongst the best firewalls around and it'll preserve even scripts that are not updated often as it can prevent attackers from using known exploits and security holes. Quite thorough info about each and every intrusion attempt is recorded and the logs the firewall maintains are a lot more specific than the standard logs created by the Apache server, so you can later analyze them and decide whether you need to take more measures in order to enhance the security of your script-driven sites.

ModSecurity in Semi-dedicated Hosting

ModSecurity is a part of our semi-dedicated hosting plans and if you decide to host your Internet sites with our company, there shall not be anything special you'll have to do as the firewall is turned on by default for all domains and subdomains that you include through your hosting CP. If necessary, you'll be able to disable ModSecurity for a particular Internet site or enable the so-called detection mode in which case the firewall will still function and record data, but will not do anything to stop potential attacks against your websites. In depth logs will be readily available in your CP and you shall be able to see what sort of attacks happened, what security rules were triggered and how the firewall handled the threats, what Internet protocol addresses the attacks came from, and so forth. We use 2 kinds of rules on our servers - commercial ones from a company which operates in the field of web security, and customized ones that our admins often add to respond to newly found risks in a timely manner.

ModSecurity in VPS

ModSecurity is included with all Hepsia-based virtual private servers that we offer and it shall be switched on automatically for every new domain or subdomain that you add on the web server. In this way, any web app you install will be protected from the very beginning without doing anything by hand on your end. The firewall can be handled via the section of the CP which has the same name. This is the area in whichyou can turn off ModSecurity or activate its passive mode, so it won't take any action against threats, but shall still maintain a thorough log. The recorded data is available within the same section as well and you will be able to see what IPs any attacks came from so that you stop them, what the nature of the attempted attacks was and based upon what security rules ModSecurity responded. The rules we use on our servers are a mix between commercial ones we obtain from a security firm and custom ones that are included by our administrators to improve the protection of any web applications hosted on our end.

ModSecurity in Dedicated Hosting

All our dedicated servers which are set up with the Hepsia hosting CP include ModSecurity, so any app which you upload or install will be properly secured from the very beginning and you will not need to bother about common attacks or vulnerabilities. An individual section in Hepsia will permit you to start or stop the firewall for any domain or subdomain, or turn on a detection mode so that it records info about intrusions, but doesn't take actions to prevent them. What you shall find in the logs can easily help you to secure your sites better - the IP address an attack came from, what website was attacked as well as how, what ModSecurity rule was triggered, and so on. With this info, you can see whether a site needs an update, whether you should block IPs from accessing your server, and so forth. Besides the third-party commercial security rules for ModSecurity which we use, our admins include custom ones too whenever they discover a new threat that's not yet in the commercial bundle.