ModSecurity is an effective firewall for Apache web servers which is used to stop attacks against web apps. It keeps track of the HTTP traffic to a given website in real time and stops any intrusion attempts the moment it discovers them. The firewall relies on a set of rules to accomplish that - for instance, trying to log in to a script admin area unsuccessfully a few times activates one rule, sending a request to execute a specific file which may result in accessing the website triggers a different rule, etcetera. ModSecurity is one of the best firewalls available and it will protect even scripts that are not updated regularly because it can prevent attackers from using known exploits and security holes. Very comprehensive data about each intrusion attempt is recorded and the logs the firewall maintains are a lot more specific than the regular logs created by the Apache server, so you may later take a look at them and decide whether you need to take more measures so as to increase the safety of your script-driven Internet sites.

ModSecurity in Shared Hosting

ModSecurity comes standard with all shared hosting solutions which we offer and it will be switched on automatically for any domain or subdomain that you add/create in your Hepsia hosting CP. The firewall has 3 different modes, so you could activate and disable it with a click or set it to detection mode, so it will maintain a log of all attacks, but it'll not do anything to prevent them. The log for any of your websites will contain in-depth information which includes the nature of the attack, where it came from, what action was taken by ModSecurity, etcetera. The firewall rules which we use are regularly updated and consist of both commercial ones we get from a third-party security business and custom ones our system administrators include in case that they detect a new kind of attacks. That way, the Internet sites that you host here will be way more protected without any action needed on your end.

ModSecurity in Dedicated Web Hosting

When you decide to host your Internet sites on a dedicated server with the Hepsia Control Panel, your web apps will be protected straight away as ModSecurity is supplied with all Hepsia-based solutions. You shall be able to manage the firewall easily and if necessary, you'll be able to turn it off or enable its passive mode when it will only maintain a log of what is happening without taking any action to stop potential attacks. The logs which you'll find in the same section of the Control Panel are quite detailed and contain information about the attacker IP address, what website and file were attacked and in what way, what rule the firewall employed to stop the intrusion, and so forth. This data will allow you to take measures and improve the security of your Internet sites even more. To be on the safe side, we use not just commercial rules, but also custom-made ones which our admins add whenever they detect attacks which haven't yet been included inside the commercial pack.