ModSecurity is a highly effective firewall for Apache web servers that's used to stop attacks toward web apps. It keeps track of the HTTP traffic to a certain website in real time and blocks any intrusion attempts the instant it detects them. The firewall relies on a set of rules to accomplish that - for instance, attempting to log in to a script admin area unsuccessfully many times triggers one rule, sending a request to execute a particular file which may result in getting access to the Internet site triggers a different rule, etcetera. ModSecurity is one of the best firewalls available on the market and it will protect even scripts which aren't updated regularly as it can prevent attackers from using known exploits and security holes. Quite detailed data about every single intrusion attempt is recorded and the logs the firewall keeps are much more specific than the regular logs created by the Apache server, so you could later take a look at them and decide whether you need to take extra measures so as to enhance the protection of your script-driven websites.

ModSecurity in Hosting

ModSecurity comes by default with all hosting solutions that we offer and it shall be turned on automatically for any domain or subdomain that you add/create inside your Hepsia hosting CP. The firewall has three different modes, so you could switch on and deactivate it with only a click or set it to detection mode, so it'll keep a log of all attacks, but it'll not do anything to stop them. The log for any of your Internet sites will include detailed info such as the nature of the attack, where it came from, what action was taken by ModSecurity, and so forth. The firewall rules which we use are regularly updated and consist of both commercial ones that we get from a third-party security business and custom ones which our system administrators add in the event that they detect a new type of attacks. That way, the websites that you host here will be far more secure without any action required on your end.

ModSecurity in Semi-dedicated Servers

We've integrated ModSecurity by default inside all semi-dedicated server products, so your web apps shall be protected as soon as you install them under any domain or subdomain. The Hepsia CP which comes with the semi-dedicated accounts shall allow you to switch on or disable the firewall for any Internet site with a click. You will also be able to switch on a passive detection mode with which ModSecurity shall maintain a log of possible attacks without actually preventing them. The thorough logs contain the nature of the attack and what ModSecurity response this attack initiated, where it came from, etc. The list of rules that we use is regularly updated as to match any new risks which may appear on the Internet and it includes both commercial rules that we get from a security business and custom-written ones which our admins include if they find a threat that's not present inside the commercial list yet.

ModSecurity in VPS Servers

All VPS servers which are provided with the Hepsia CP feature ModSecurity. The firewall is installed and activated by default for all domains which are hosted on the web server, so there won't be anything special that you will have to do to protect your websites. It'll take you simply a click to stop ModSecurity if necessary or to switch on its passive mode so that it records what goes on without taking any measures to stop intrusions. You shall be able to view the logs generated in passive or active mode via the corresponding section of Hepsia and find out more about the form of the attack, where it came from, what rule the firewall used to tackle it, etc. We use a mixture of commercial and custom rules in order to make certain that ModSecurity shall block as many risks as possible, thus increasing the security of your web apps as much as possible.

ModSecurity in Dedicated Servers

ModSecurity is provided as standard with all dedicated servers which are set up with the Hepsia Control Panel and is set to “Active” automatically for any domain which you host or subdomain which you create on the web server. In the event that a web app does not work adequately, you can either disable the firewall or set it to operate in passive mode. The latter means that ModSecurity shall keep a log of any possible attack that might occur, but shall not take any action to stop it. The logs created in active or passive mode shall give you additional details about the exact file that was attacked, the nature of the attack and the IP it originated from, etc. This information will allow you to determine what steps you can take to enhance the protection of your Internet sites, for instance blocking IPs or performing script and plugin updates. The ModSecurity rules we use are updated often with a commercial bundle from a third-party security company we work with, but sometimes our administrators include their own rules also when they discover a new potential threat.