ModSecurity is an effective firewall for Apache web servers that's used to prevent attacks against web applications. It keeps track of the HTTP traffic to a given website in real time and prevents any intrusion attempts the instant it discovers them. The firewall relies on a set of rules to do this - for instance, attempting to log in to a script administrator area unsuccessfully several times triggers one rule, sending a request to execute a particular file that could result in gaining access to the site triggers a different rule, etc. ModSecurity is amongst the best firewalls available on the market and it will preserve even scripts that aren't updated frequently as it can prevent attackers from using known exploits and security holes. Very detailed information about each intrusion attempt is recorded and the logs the firewall keeps are considerably more specific than the standard logs provided by the Apache server, so you can later take a look at them and decide if you need to take additional measures in order to improve the safety of your script-driven Internet sites.

ModSecurity in Cloud Website Hosting

ModSecurity comes by default with all cloud website hosting plans which we supply and it will be activated automatically for any domain or subdomain which you add/create inside your Hepsia hosting CP. The firewall has 3 different modes, so you can activate and disable it with only a click or set it to detection mode, so it shall keep a log of all attacks, but it will not do anything to prevent them. The log for each of your websites shall include elaborate information including the nature of the attack, where it originated from, what action was taken by ModSecurity, etcetera. The firewall rules which we use are regularly updated and consist of both commercial ones that we get from a third-party security business and custom ones which our system admins include in the event that they detect a new sort of attacks. In this way, the websites that you host here will be far more protected with no action required on your end.

ModSecurity in Semi-dedicated Servers

All semi-dedicated server plans which we offer feature ModSecurity and since the firewall is turned on by default, any Internet site that you build under a domain or a subdomain will be secured right from the start. An independent section in the Hepsia CP which comes with the semi-dedicated accounts is devoted to ModSecurity and it will enable you to stop and start the firewall for any site or enable a detection mode. With the last option, ModSecurity shall not take any action, but it'll still recognize possible attacks and will keep all information within a log as if it were fully active. The logs could be found inside the very same section of the CP and they offer specifics about the IP where an attack came from, what its nature was, what rule ModSecurity applies to recognize and stop it, and so on. The security rules we employ on our machines are a mix of commercial ones from a security business and custom ones made by our system administrators. As a result, we provide higher security for your web programs as we can protect them from attacks before security corporations release updates for brand new threats.

ModSecurity in VPS Servers

ModSecurity is pre-installed on all VPS servers which are set up with the Hepsia hosting CP, so your web apps will be protected from the instant your server is ready. The firewall is turned on by default for any domain or subdomain on the VPS, but if needed, you can deactivate it with a click via the corresponding section of Hepsia. You may also set it to operate in detection mode, so it shall keep a detailed log of any possible attacks without taking any action to prevent them. The logs are available in the same section and provide info about the nature of the attack, what IP address it originated from and what ModSecurity rule was initiated to stop it. For best security, we use not simply commercial rules from a company working in the field of web security, but also custom ones our administrators add manually in order to react to new risks that are still not addressed in the commercial rules.

ModSecurity in Dedicated Servers

ModSecurity is offered as standard with all dedicated servers that are set up with the Hepsia Control Panel and is set to “Active” automatically for any domain that you host or subdomain you create on the hosting server. Just in case that a web app does not work properly, you could either disable the firewall or set it to function in passive mode. The latter means that ModSecurity will maintain a log of any possible attack that may happen, but won't take any action to stop it. The logs generated in passive or active mode will provide you with additional details about the exact file that was attacked, the type of the attack and the IP address it came from, and so on. This information will allow you to choose what actions you can take to enhance the safety of your Internet sites, including blocking IPs or carrying out script and plugin updates. The ModSecurity rules which we use are updated constantly with a commercial pack from a third-party security company we work with, but sometimes our administrators add their own rules as well if they come across a new potential threat.