ModSecurity is an efficient firewall for Apache web servers that's employed to prevent attacks towards web apps. It tracks the HTTP traffic to a certain site in real time and prevents any intrusion attempts the moment it detects them. The firewall uses a set of rules to do that - for example, trying to log in to a script admin area unsuccessfully several times activates one rule, sending a request to execute a specific file which could result in accessing the website triggers a different rule, etc. ModSecurity is amongst the best firewalls on the market and it'll protect even scripts that aren't updated often because it can prevent attackers from employing known exploits and security holes. Very detailed data about every single intrusion attempt is recorded and the logs the firewall keeps are a lot more specific than the conventional logs created by the Apache server, so you could later analyze them and decide if you need to take extra measures in order to enhance the protection of your script-driven sites.

ModSecurity in Shared Website Hosting

ModSecurity can be found with each shared website hosting package that we offer and it's turned on by default for any domain or subdomain which you add via your Hepsia Control Panel. In the event that it disrupts any of your apps or you'd like to disable it for whatever reason, you will be able to do this through the ModSecurity area of Hepsia with only a click. You could also activate a passive mode, so the firewall will recognize potential attacks and keep a log, but shall not take any action. You could see detailed logs in the very same section, including the IP where the attack originated from, what exactly the attacker aimed to do and at what time, what ModSecurity did, and so on. For max security of our customers we use a group of commercial firewall rules combined with custom ones which are added by our system admins.

ModSecurity in Dedicated Servers

ModSecurity is included with all dedicated servers which are integrated with our Hepsia CP and you will not need to do anything specific on your end to use it because it is enabled by default each time you include a new domain or subdomain on your server. If it disrupts some of your programs, you shall be able to stop it through the respective section of Hepsia, or you can leave it operating in passive mode, so it shall recognize attacks and will still maintain a log for them, but won't prevent them. You may analyze the logs later to find out what you can do to boost the safety of your sites since you shall find information such as where an intrusion attempt came from, what website was attacked and based upon what rule ModSecurity reacted, and so forth. The rules which we employ are commercial, therefore they are frequently updated by a security firm, but to be on the safe side, our administrators also add custom rules from time to time in order to deal with any new threats they have identified.