ModSecurity is an effective firewall for Apache web servers that's used to stop attacks against web apps. It monitors the HTTP traffic to a given Internet site in real time and blocks any intrusion attempts the moment it identifies them. The firewall relies on a set of rules to do that - as an illustration, trying to log in to a script admin area without success a few times triggers one rule, sending a request to execute a certain file that could result in accessing the website triggers another rule, and so forth. ModSecurity is one of the best firewalls available and it will preserve even scripts that aren't updated frequently because it can prevent attackers from employing known exploits and security holes. Incredibly detailed information about each intrusion attempt is recorded and the logs the firewall maintains are far more comprehensive than the standard logs generated by the Apache server, so you can later analyze them and decide if you need to take more measures so as to boost the security of your script-driven sites.

ModSecurity in Hosting

We offer ModSecurity with all hosting solutions, so your Internet apps shall be resistant to destructive attacks. The firewall is activated by default for all domains and subdomains, but in case you'd like, you will be able to stop it using the respective section of your Hepsia CP. You could also activate a detection mode, so ModSecurity will keep a log as intended, but shall not take any action. The logs which you will discover in Hepsia are quite detailed and feature information about the nature of any attack, when it occurred and from what IP address, the firewall rule that was triggered, etcetera. We use a set of commercial rules that are often updated, but sometimes our administrators add custom rules as well in order to better protect the websites hosted on our servers.

ModSecurity in Semi-dedicated Servers

We have integrated ModSecurity as a standard within all semi-dedicated server plans, so your web applications will be protected the instant you set them up under any domain or subdomain. The Hepsia Control Panel that is included with the semi-dedicated accounts will allow you to activate or disable the firewall for any site with a click. You shall also be able to activate a passive detection mode with which ModSecurity shall maintain a log of possible attacks without really preventing them. The thorough logs contain the nature of the attack and what ModSecurity response that attack triggered, where it originated from, and so on. The list of rules we use is constantly updated as to match any new threats that could appear on the Internet and it features both commercial rules that we get from a security company and custom-written ones which our admins add in case they find a threat that's not present inside the commercial list yet.

ModSecurity in VPS Servers

ModSecurity is pre-installed on all VPS servers which are set up with the Hepsia hosting CP, so your web applications will be secured from the instant your server is in a position. The firewall is turned on by default for any domain or subdomain on the VPS, but if needed, you could disable it with a click via the corresponding section of Hepsia. You could also set it to operate in detection mode, so it'll keep an extensive log of any potential attacks without taking any action to prevent them. The logs can be found within the same section and include information regarding the nature of the attack, what IP address it originated from and what ModSecurity rule was activated to stop it. For optimum security, we use not only commercial rules from a company operating in the field of web security, but also custom ones which our admins include personally so as to react to new threats which are still not dealt with in the commercial rules.

ModSecurity in Dedicated Servers

ModSecurity is provided as standard with all dedicated servers that are set up with the Hepsia Control Panel and is set to “Active” automatically for any domain that you host or subdomain you create on the web server. In the event that a web application doesn't operate properly, you could either disable the firewall or set it to operate in passive mode. The latter means that ModSecurity shall keep a log of any possible attack which could occur, but will not take any action to prevent it. The logs produced in passive or active mode shall give you more details about the exact file that was attacked, the form of the attack and the IP address it originated from, and so forth. This data will permit you to determine what measures you can take to increase the protection of your sites, including blocking IPs or performing script and plugin updates. The ModSecurity rules which we employ are updated frequently with a commercial bundle from a third-party security firm we work with, but sometimes our admins add their own rules as well when they discover a new potential threat.