ModSecurity is a powerful firewall for Apache web servers that is employed to stop attacks against web applications. It monitors the HTTP traffic to a particular Internet site in real time and stops any intrusion attempts as soon as it discovers them. The firewall relies on a set of rules to accomplish that - for example, trying to log in to a script administrator area unsuccessfully a few times activates one rule, sending a request to execute a specific file that could result in getting access to the site triggers another rule, and so on. ModSecurity is amongst the best firewalls on the market and it will secure even scripts that are not updated frequently as it can prevent attackers from employing known exploits and security holes. Very detailed info about each intrusion attempt is recorded and the logs the firewall keeps are far more detailed than the conventional logs provided by the Apache server, so you may later examine them and decide if you need to take additional measures in order to enhance the safety of your script-driven websites.

ModSecurity in Cloud Hosting

ModSecurity is provided with all cloud hosting web servers, so if you choose to host your Internet sites with our business, they will be shielded from a wide array of attacks. The firewall is enabled as standard for all domains and subdomains, so there will be nothing you'll have to do on your end. You'll be able to stop ModSecurity for any Internet site if necessary, or to switch on a detection mode, so that all activity will be recorded, but the firewall shall not take any real action. You will be able to view comprehensive logs using your Hepsia CP including the IP where the attack came from, what the attacker planned to do and how ModSecurity handled the threat. As we take the security of our customers' sites seriously, we employ a group of commercial rules that we get from one of the leading companies which maintain this type of rules. Our administrators also include custom rules to make sure that your sites will be protected against as many risks as possible.

ModSecurity in Semi-dedicated Servers

Any web program that you set up in your new semi-dedicated server account shall be protected by ModSecurity as the firewall comes with all our hosting packages and is switched on by default for any domain and subdomain which you include or create using your Hepsia hosting Control Panel. You shall be able to manage ModSecurity via a dedicated section inside Hepsia where not only could you activate or deactivate it entirely, but you could also enable a passive mode, so the firewall shall not block anything, but it'll still maintain an archive of possible attacks. This requires only a mouse click and you'll be able to view the logs regardless of if ModSecurity is in passive or active mode through the same section - what the attack was and where it originated from, how it was taken care of, and so on. The firewall uses 2 groups of rules on our machines - a commercial one which we get from a third-party web security company and a custom one that our admins update personally as to respond to newly discovered risks as fast as possible.

ModSecurity in VPS Servers

Protection is essential to us, so we install ModSecurity on all VPS servers that are made available with the Hepsia Control Panel as a standard. The firewall could be managed via a dedicated section in Hepsia and is switched on automatically when you add a new domain or create a subdomain, so you'll not have to do anything by hand. You'll also be able to disable it or turn on the so-called detection mode, so it shall maintain a log of possible attacks which you can later study, but will not prevent them. The logs in both passive and active modes contain details about the type of the attack and how it was prevented, what IP address it came from and other valuable info which could help you to tighten the security of your Internet sites by updating them or blocking IPs, for example. In addition to the commercial rules that we get for ModSecurity from a third-party security company, we also implement our own rules since from time to time we discover specific attacks that are not yet present in the commercial package. That way, we could enhance the protection of your VPS right away as opposed to awaiting an official update.

ModSecurity in Dedicated Servers

ModSecurity is available as standard with all dedicated servers which are set up with the Hepsia Control Panel and is set to “Active” automatically for any domain which you host or subdomain which you create on the server. Just in case that a web application doesn't operate properly, you may either turn off the firewall or set it to function in passive mode. The second means that ModSecurity will maintain a log of any potential attack that could take place, but won't take any action to stop it. The logs generated in active or passive mode shall offer you additional details about the exact file which was attacked, the type of the attack and the IP address it came from, etc. This information shall allow you to choose what steps you can take to boost the safety of your websites, including blocking IPs or performing script and plugin updates. The ModSecurity rules we employ are updated frequently with a commercial bundle from a third-party security provider we work with, but oftentimes our admins add their own rules too in case they identify a new potential threat.