ModSecurity is a highly effective firewall for Apache web servers which is employed to prevent attacks against web apps. It monitors the HTTP traffic to a given site in real time and stops any intrusion attempts the instant it detects them. The firewall relies on a set of rules to accomplish that - as an example, attempting to log in to a script administrator area without success a few times triggers one rule, sending a request to execute a certain file which may result in gaining access to the Internet site triggers another rule, and so on. ModSecurity is one of the best firewalls out there and it'll preserve even scripts that are not updated frequently since it can prevent attackers from using known exploits and security holes. Very thorough information about each and every intrusion attempt is recorded and the logs the firewall keeps are far more detailed than the regular logs created by the Apache server, so you may later take a look at them and determine if you need to take more measures in order to increase the protection of your script-driven websites.

ModSecurity in Web Hosting

We provide ModSecurity with all web hosting plans, so your Internet applications shall be protected against harmful attacks. The firewall is turned on by default for all domains and subdomains, but if you would like, you will be able to stop it using the respective area of your Hepsia CP. You could also switch on a detection mode, so ModSecurity will keep a log as intended, but won't take any action. The logs which you'll discover within Hepsia are extremely detailed and include info about the nature of any attack, when it transpired and from what IP, the firewall rule which was triggered, etcetera. We employ a set of commercial rules which are regularly updated, but sometimes our administrators add custom rules as well so as to efficiently protect the Internet sites hosted on our servers.

ModSecurity in Semi-dedicated Servers

ModSecurity is part of our semi-dedicated server plans and if you opt to host your sites with us, there shall not be anything special you'll need to do given that the firewall is turned on by default for all domains and subdomains which you add through your hosting CP. If required, you'll be able to disable ModSecurity for a given site or activate the so-called detection mode in which case the firewall shall still function and record information, but shall not do anything to prevent potential attacks against your websites. Detailed logs shall be available in your Control Panel and you will be able to see what sort of attacks occurred, what security rules were triggered and how the firewall dealt with the threats, what Internet protocol addresses the attacks originated from, etcetera. We employ two kinds of rules on our servers - commercial ones from a firm which operates in the field of web security, and customized ones that our admins often include to respond to newly found risks promptly.

ModSecurity in VPS Servers

All VPS servers that are set up with the Hepsia Control Panel come with ModSecurity. The firewall is set up and activated by default for all domains which are hosted on the web server, so there shall not be anything special which you'll need to do to protect your Internet sites. It will take you just a mouse click to stop ModSecurity if necessary or to switch on its passive mode so that it records what happens without taking any measures to stop intrusions. You'll be able to see the logs produced in active or passive mode from the corresponding section of Hepsia and discover more about the form of the attack, where it originated from, what rule the firewall employed to handle it, etcetera. We employ a mixture of commercial and custom rules in order to make certain that ModSecurity will prevent as many threats as possible, hence improving the security of your web applications as much as possible.

ModSecurity in Dedicated Servers

ModSecurity is available as standard with all dedicated servers which are set up with the Hepsia Control Panel and is set to “Active” automatically for any domain you host or subdomain that you create on the hosting server. Just in case that a web app doesn't operate correctly, you could either disable the firewall or set it to work in passive mode. The second means that ModSecurity will maintain a log of any potential attack which could take place, but will not take any action to stop it. The logs created in passive or active mode will offer you additional details about the exact file that was attacked, the type of the attack and the IP address it came from, and so on. This data shall permit you to choose what actions you can take to enhance the security of your websites, for instance blocking IPs or performing script and plugin updates. The ModSecurity rules we use are updated frequently with a commercial bundle from a third-party security firm we work with, but from time to time our admins include their own rules also in the event that they come across a new potential threat.