ModSecurity is a highly effective firewall for Apache web servers that's used to prevent attacks toward web applications. It tracks the HTTP traffic to a given website in real time and prevents any intrusion attempts the moment it discovers them. The firewall relies on a set of rules to do this - as an example, attempting to log in to a script administration area unsuccessfully many times activates one rule, sending a request to execute a specific file which may result in accessing the website triggers another rule, and so on. ModSecurity is among the best firewalls available and it'll secure even scripts that aren't updated often as it can prevent attackers from employing known exploits and security holes. Quite thorough data about each and every intrusion attempt is recorded and the logs the firewall maintains are a lot more specific than the standard logs generated by the Apache server, so you could later take a look at them and decide if you need to take more measures in order to improve the security of your script-driven websites.
ModSecurity in Shared Web Hosting
ModSecurity comes standard with all shared web hosting packages which we provide and it shall be activated automatically for any domain or subdomain that you add/create inside your Hepsia hosting Control Panel. The firewall has 3 different modes, so you'll be able to activate and deactivate it with a click or set it to detection mode, so it shall maintain a log of all attacks, but it'll not do anything to prevent them. The log for each of your websites shall feature elaborate information including the nature of the attack, where it originated from, what action was taken by ModSecurity, and so on. The firewall rules which we use are frequently updated and incorporate both commercial ones that we get from a third-party security firm and custom ones which our system admins add in case that they detect a new type of attacks. In this way, the websites you host here shall be far more protected with no action needed on your end.
ModSecurity in Dedicated Hosting
ModSecurity is available as standard with all dedicated servers that are set up with the Hepsia CP and is set to “Active” automatically for any domain which you host or subdomain you create on the hosting server. Just in case that a web application doesn't operate properly, you can either turn off the firewall or set it to operate in passive mode. The second means that ModSecurity shall maintain a log of any potential attack which could occur, but won't take any action to stop it. The logs created in passive or active mode shall give you additional details about the exact file that was attacked, the type of the attack and the IP address it came from, etcetera. This information will permit you to decide what actions you can take to enhance the security of your Internet sites, such as blocking IPs or carrying out script and plugin updates. The ModSecurity rules we employ are updated regularly with a commercial package from a third-party security enterprise we work with, but oftentimes our admins include their own rules too when they come across a new potential threat.