ModSecurity is an efficient firewall for Apache web servers that's employed to stop attacks toward web apps. It keeps track of the HTTP traffic to a particular site in real time and blocks any intrusion attempts the instant it detects them. The firewall uses a set of rules to do that - as an example, trying to log in to a script administration area without success many times triggers one rule, sending a request to execute a certain file which could result in getting access to the website triggers a different rule, and so on. ModSecurity is among the best firewalls available and it'll protect even scripts that are not updated regularly since it can prevent attackers from employing known exploits and security holes. Quite detailed info about every intrusion attempt is recorded and the logs the firewall maintains are considerably more specific than the regular logs provided by the Apache server, so you can later analyze them and decide if you need to take additional measures in order to boost the security of your script-driven websites.

ModSecurity in Web Hosting

We offer ModSecurity with all web hosting plans, so your Internet applications shall be resistant to destructive attacks. The firewall is switched on as standard for all domains and subdomains, but in case you'd like, you will be able to stop it via the respective part of your Hepsia Control Panel. You can also switch on a detection mode, so ModSecurity will keep a log as intended, but shall not take any action. The logs which you shall find inside Hepsia are very detailed and include info about the nature of any attack, when it occurred and from what IP, the firewall rule that was triggered, etc. We employ a group of commercial rules that are constantly updated, but sometimes our admins add custom rules as well so as to better protect the Internet sites hosted on our servers.

ModSecurity in Semi-dedicated Servers

All semi-dedicated server solutions which we offer feature ModSecurity and since the firewall is switched on by default, any website you set up under a domain or a subdomain will be protected right from the start. An independent section inside the Hepsia CP which comes with the semi-dedicated accounts is dedicated to ModSecurity and it shall permit you to stop and start the firewall for any website or switch on a detection mode. With the latter, ModSecurity shall not take any action, but it shall still identify possible attacks and will keep all information in a log as if it were completely active. The logs could be found within the very same section of the CP and they offer information regarding the IP where an attack originated from, what its nature was, what rule ModSecurity applies to identify and stop it, and so on. The security rules we use on our servers are a mix between commercial ones from a security firm and custom ones made by our system admins. Therefore, we provide greater security for your web apps as we can defend them from attacks before security companies release updates for completely new threats.

ModSecurity in VPS Servers

All VPS servers that are provided with the Hepsia CP feature ModSecurity. The firewall is set up and switched on by default for all domains that are hosted on the machine, so there won't be anything special which you shall have to do to protect your websites. It will take you only a click to stop ModSecurity if necessary or to activate its passive mode so that it records what happens without taking any steps to prevent intrusions. You will be able to look at the logs generated in passive or active mode from the corresponding section of Hepsia and find out more about the form of the attack, where it originated from, what rule the firewall employed to deal with it, etc. We employ a mixture of commercial and custom rules in order to make sure that ModSecurity will block out as many threats as possible, hence boosting the security of your web apps as much as possible.

ModSecurity in Dedicated Servers

ModSecurity is provided by default with all dedicated servers that are set up with the Hepsia CP and is set to “Active” automatically for any domain which you host or subdomain you create on the hosting server. In the event that a web app does not work adequately, you could either turn off the firewall or set it to work in passive mode. The second means that ModSecurity shall maintain a log of any potential attack that could take place, but won't take any action to prevent it. The logs created in passive or active mode will present you with additional details about the exact file that was attacked, the form of the attack and the IP it originated from, etc. This information shall allow you to decide what steps you can take to increase the safety of your websites, such as blocking IPs or carrying out script and plugin updates. The ModSecurity rules we use are updated frequently with a commercial package from a third-party security enterprise we work with, but oftentimes our admins include their own rules too in case they come across a new potential threat.