ModSecurity is a powerful firewall for Apache web servers which is employed to prevent attacks toward web applications. It monitors the HTTP traffic to a specific site in real time and stops any intrusion attempts as soon as it identifies them. The firewall uses a set of rules to do this - as an illustration, trying to log in to a script administration area unsuccessfully a few times triggers one rule, sending a request to execute a certain file which may result in gaining access to the Internet site triggers a different rule, and so on. ModSecurity is one of the best firewalls available and it'll secure even scripts that aren't updated frequently as it can prevent attackers from employing known exploits and security holes. Quite detailed information about each and every intrusion attempt is recorded and the logs the firewall keeps are considerably more detailed than the standard logs generated by the Apache server, so you could later examine them and decide if you need to take more measures so as to enhance the protection of your script-driven sites.

ModSecurity in Shared Web Hosting

ModSecurity is available on all shared web hosting machines, so when you choose to host your websites with our business, they'll be protected against an array of attacks. The firewall is turned on by default for all domains and subdomains, so there shall be nothing you will have to do on your end. You will be able to stop ModSecurity for any website if necessary, or to activate a detection mode, so all activity will be recorded, but the firewall won't take any real action. You shall be able to view detailed logs from your Hepsia Control Panel including the IP where the attack originated from, what the attacker planned to do and how ModSecurity addressed the threat. As we take the security of our clients' Internet sites seriously, we use a set of commercial rules which we get from one of the leading firms that maintain such rules. Our administrators also add custom rules to make certain that your sites will be protected against as many risks as possible.

ModSecurity in Semi-dedicated Servers

Any web program which you install within your new semi-dedicated server account will be protected by ModSecurity because the firewall is provided with all our hosting plans and is turned on by default for any domain and subdomain you add or create via your Hepsia hosting Control Panel. You will be able to manage ModSecurity through a dedicated section in Hepsia where not simply can you activate or deactivate it fully, but you could also activate a passive mode, so the firewall shall not stop anything, but it shall still keep a record of potential attacks. This requires simply a click and you will be able to see the logs regardless of if ModSecurity is in active or passive mode through the same section - what the attack was and where it originated from, how it was taken care of, and so on. The firewall employs 2 groups of rules on our web servers - a commercial one that we get from a third-party web security firm and a custom one that our administrators update manually in order to respond to newly discovered risks at the earliest opportunity.