ModSecurity

ModSecurity is an effective firewall for Apache web servers that's used to prevent attacks towards web applications. It monitors the HTTP traffic to a given website in real time and stops any intrusion attempts as soon as it identifies them. The firewall uses a set of rules to do this - as an illustration, attempting to log in to a script administration area without success a few times activates one rule, sending a request to execute a particular file that could result in getting access to the Internet site triggers another rule, and so on. ModSecurity is one of the best firewalls on the market and it'll preserve even scripts which aren't updated regularly because it can prevent attackers from employing known exploits and security holes. Very detailed data about every single intrusion attempt is recorded and the logs the firewall keeps are far more specific than the standard logs provided by the Apache server, so you may later examine them and decide whether you need to take extra measures in order to enhance the safety of your script-driven Internet sites.

ModSecurity in Semi-dedicated Hosting

Any web program which you set up inside your new semi-dedicated hosting account shall be protected by ModSecurity because the firewall is provided with all our hosting plans and is turned on by default for any domain and subdomain which you include or create via your Hepsia hosting CP. You will be able to manage ModSecurity via a dedicated section inside Hepsia where not only could you activate or deactivate it entirely, but you could also activate a passive mode, so the firewall shall not stop anything, but it'll still maintain a record of possible attacks. This normally requires only a click and you will be able to look at the logs regardless if ModSecurity is in passive or active mode through the same section - what the attack was and where it originated from, how it was dealt with, etc. The firewall uses two sets of rules on our servers - a commercial one that we get from a third-party web security firm and a custom one which our admins update personally in order to respond to newly discovered threats immediately.

ModSecurity in Dedicated Web Hosting

ModSecurity is provided as standard with all dedicated servers which are set up with the Hepsia CP and is set to “Active” automatically for any domain you host or subdomain you create on the web server. In case that a web app does not operate properly, you may either switch off the firewall or set it to operate in passive mode. The second means that ModSecurity will maintain a log of any potential attack that could occur, but won't take any action to prevent it. The logs produced in active or passive mode shall offer you additional details about the exact file which was attacked, the type of the attack and the IP it originated from, etc. This info shall enable you to decide what actions you can take to improve the protection of your websites, for instance blocking IPs or carrying out script and plugin updates. The ModSecurity rules we use are updated regularly with a commercial pack from a third-party security company we work with, but sometimes our administrators add their own rules also if they come across a new potential threat.