ModSecurity is a highly effective firewall for Apache web servers that's employed to stop attacks toward web apps. It monitors the HTTP traffic to a certain website in real time and prevents any intrusion attempts the instant it identifies them. The firewall uses a set of rules to accomplish that - as an illustration, attempting to log in to a script admin area unsuccessfully several times activates one rule, sending a request to execute a particular file that may result in accessing the site triggers another rule, and so forth. ModSecurity is one of the best firewalls on the market and it'll protect even scripts which are not updated regularly as it can prevent attackers from using known exploits and security holes. Very detailed info about each and every intrusion attempt is recorded and the logs the firewall maintains are a lot more specific than the regular logs created by the Apache server, so you may later take a look at them and decide if you need to take extra measures so as to enhance the safety of your script-driven Internet sites.

ModSecurity in Semi-dedicated Servers

We have included ModSecurity by default in all semi-dedicated server plans, so your web apps will be protected the instant you install them under any domain or subdomain. The Hepsia Control Panel that comes with the semi-dedicated accounts will allow you to activate or turn off the firewall for any website with a mouse click. You'll also have the ability to activate a passive detection mode with which ModSecurity shall maintain a log of possible attacks without really stopping them. The thorough logs include the nature of the attack and what ModSecurity response that attack generated, where it originated from, and so forth. The list of rules that we employ is regularly updated as to match any new risks which might appear on the Internet and it comes with both commercial rules that we get from a security corporation and custom-written ones that our administrators add in case they find a threat that's not present in the commercial list yet.

ModSecurity in Dedicated Servers

ModSecurity is offered as standard with all dedicated servers that are set up with the Hepsia CP and is set to “Active” automatically for any domain that you host or subdomain you create on the server. In the event that a web app does not operate properly, you could either turn off the firewall or set it to operate in passive mode. The latter means that ModSecurity shall keep a log of any possible attack which could take place, but shall not take any action to stop it. The logs created in passive or active mode shall present you with more details about the exact file that was attacked, the type of the attack and the IP address it originated from, etcetera. This data will enable you to decide what steps you can take to boost the security of your Internet sites, for instance blocking IPs or carrying out script and plugin updates. The ModSecurity rules we employ are updated frequently with a commercial bundle from a third-party security company we work with, but occasionally our staff include their own rules as well in the event that they identify a new potential threat.