ModSecurity is a powerful firewall for Apache web servers which is employed to stop attacks towards web applications. It keeps track of the HTTP traffic to a particular website in real time and prevents any intrusion attempts as soon as it detects them. The firewall uses a set of rules to do this - for example, trying to log in to a script administrator area unsuccessfully a few times triggers one rule, sending a request to execute a specific file which could result in gaining access to the website triggers a different rule, etcetera. ModSecurity is among the best firewalls around and it will secure even scripts that are not updated often since it can prevent attackers from employing known exploits and security holes. Very comprehensive information about every single intrusion attempt is recorded and the logs the firewall keeps are far more comprehensive than the regular logs provided by the Apache server, so you could later take a look at them and determine if you need to take more measures so as to enhance the security of your script-driven websites.

ModSecurity in Website Hosting

ModSecurity is available on all website hosting servers, so if you decide to host your Internet sites with our organization, they will be shielded from a wide array of attacks. The firewall is turned on by default for all domains and subdomains, so there will be nothing you will have to do on your end. You shall be able to stop ModSecurity for any website if needed, or to enable a detection mode, so all activity shall be recorded, but the firewall shall not take any real action. You will be able to view comprehensive logs using your Hepsia Control Panel including the IP address where the attack came from, what the attacker planned to do and how ModSecurity addressed the threat. Since we take the protection of our clients' Internet sites very seriously, we use a set of commercial rules which we take from one of the top firms that maintain this sort of rules. Our administrators also include custom rules to make certain that your sites will be shielded from as many threats as possible.

ModSecurity in Semi-dedicated Hosting

ModSecurity is part of our semi-dedicated hosting packages and if you decide to host your Internet sites with our company, there will not be anything special you'll have to do given that the firewall is activated by default for all domains and subdomains you include through your hosting Control Panel. If required, you can disable ModSecurity for a certain site or switch on the so-called detection mode in which case the firewall shall still work and record data, but will not do anything to prevent potential attacks against your sites. Comprehensive logs will be readily available in your CP and you shall be able to see which kind of attacks happened, what security rules were triggered and how the firewall addressed the threats, what IP addresses the attacks came from, etc. We employ 2 types of rules on our servers - commercial ones from a business that operates in the field of web security, and custom made ones that our administrators often include to respond to newly identified threats promptly.

ModSecurity in Dedicated Web Hosting

ModSecurity is included with all dedicated servers which are integrated with our Hepsia CP and you will not need to do anything specific on your end to use it because it is activated by default each time you include a new domain or subdomain on your server. In case it interferes with some of your programs, you'll be able to stop it through the respective section of Hepsia, or you can leave it operating in passive mode, so it shall detect attacks and will still keep a log for them, but shall not block them. You can analyze the logs later to find out what you can do to increase the protection of your Internet sites since you shall find details such as where an intrusion attempt originated from, what site was attacked and based on what rule ModSecurity reacted, and so on. The rules which we employ are commercial, thus they're frequently updated by a security provider, but to be on the safe side, our administrators also include custom rules every now and then as to respond to any new threats they have identified.