ModSecurity is an efficient firewall for Apache web servers that is used to stop attacks against web apps. It monitors the HTTP traffic to a particular site in real time and prevents any intrusion attempts the instant it detects them. The firewall uses a set of rules to accomplish that - for example, trying to log in to a script administrator area unsuccessfully many times sets off one rule, sending a request to execute a certain file that could result in getting access to the site triggers another rule, etc. ModSecurity is among the best firewalls around and it will protect even scripts that aren't updated regularly as it can prevent attackers from using known exploits and security holes. Incredibly thorough data about each intrusion attempt is recorded and the logs the firewall keeps are much more comprehensive than the conventional logs provided by the Apache server, so you may later examine them and determine whether you need to take extra measures so as to improve the security of your script-driven Internet sites.

ModSecurity in Cloud Hosting

ModSecurity comes by default with all cloud hosting packages that we offer and it'll be switched on automatically for any domain or subdomain which you add/create inside your Hepsia hosting CP. The firewall has 3 different modes, so you can activate and disable it with only a mouse click or set it to detection mode, so it'll maintain a log of all attacks, but it will not do anything to prevent them. The log for each of your websites shall include elaborate information such as the nature of the attack, where it originated from, what action was taken by ModSecurity, etc. The firewall rules that we use are constantly updated and consist of both commercial ones that we get from a third-party security firm and custom ones that our system administrators add in the event that they detect a new type of attacks. That way, the Internet sites that you host here will be a lot more secure without any action required on your end.

ModSecurity in Semi-dedicated Servers

We have integrated ModSecurity by default in all semi-dedicated server products, so your web apps will be protected the instant you install them under any domain or subdomain. The Hepsia CP that is included with the semi-dedicated accounts shall permit you to activate or disable the firewall for any Internet site with a click. You will also be able to activate a passive detection mode in which ModSecurity will keep a log of potential attacks without really stopping them. The thorough logs contain the nature of the attack and what ModSecurity response that attack caused, where it originated from, etcetera. The list of rules we employ is frequently updated as to match any new risks that may appear on the Internet and it comes with both commercial rules that we get from a security corporation and custom-written ones that our admins include if they find a threat that's not present within the commercial list yet.

ModSecurity in VPS Servers

Safety is very important to us, so we set up ModSecurity on all VPS servers that are set up with the Hepsia Control Panel by default. The firewall can be managed through a dedicated section within Hepsia and is turned on automatically when you include a new domain or create a subdomain, so you won't have to do anything personally. You shall also be able to deactivate it or turn on the so-called detection mode, so it shall maintain a log of possible attacks you can later study, but won't stop them. The logs in both passive and active modes contain info about the kind of the attack and how it was prevented, what IP address it originated from and other valuable information which could help you to tighten the security of your websites by updating them or blocking IPs, as an example. Beyond the commercial rules we get for ModSecurity from a third-party security company, we also employ our own rules since once in a while we detect specific attacks which are not yet present in the commercial group. This way, we could increase the security of your VPS promptly rather than waiting for an official update.

ModSecurity in Dedicated Servers

ModSecurity is available as standard with all dedicated servers which are set up with the Hepsia Control Panel and is set to “Active” automatically for any domain you host or subdomain that you create on the hosting server. In case that a web app doesn't operate correctly, you may either switch off the firewall or set it to function in passive mode. The second means that ModSecurity will maintain a log of any possible attack which might take place, but shall not take any action to stop it. The logs created in passive or active mode will offer you additional details about the exact file which was attacked, the nature of the attack and the IP it originated from, and so forth. This info shall allow you to determine what actions you can take to increase the security of your sites, such as blocking IPs or performing script and plugin updates. The ModSecurity rules which we use are updated regularly with a commercial bundle from a third-party security firm we work with, but occasionally our admins include their own rules also in case they discover a new potential threat.