ModSecurity is an effective firewall for Apache web servers that is employed to stop attacks towards web applications. It keeps track of the HTTP traffic to a certain website in real time and blocks any intrusion attempts the moment it discovers them. The firewall relies on a set of rules to do this - for instance, attempting to log in to a script administrator area without success many times activates one rule, sending a request to execute a certain file which could result in gaining access to the Internet site triggers a different rule, and so on. ModSecurity is one of the best firewalls available and it'll preserve even scripts that are not updated often because it can prevent attackers from employing known exploits and security holes. Very comprehensive info about every single intrusion attempt is recorded and the logs the firewall keeps are much more detailed than the conventional logs created by the Apache server, so you may later take a look at them and decide if you need to take additional measures in order to improve the security of your script-driven Internet sites.

ModSecurity in Shared Hosting

ModSecurity can be found with each shared hosting plan that we provide and it is activated by default for every domain or subdomain that you add through your Hepsia Control Panel. If it disrupts any of your apps or you would like to disable it for some reason, you will be able to do that through the ModSecurity section of Hepsia with simply a click. You can also activate a passive mode, so the firewall will discover potential attacks and keep a log, but shall not take any action. You could view detailed logs in the exact same section, including the IP where the attack originated from, what precisely the attacker aimed to do and at what time, what ModSecurity did, etc. For optimum protection of our customers we use a group of commercial firewall rules mixed with custom ones which are added by our system administrators.

ModSecurity in Semi-dedicated Servers

All semi-dedicated server plans which we offer feature ModSecurity and because the firewall is enabled by default, any website which you build under a domain or a subdomain shall be secured right away. An independent section within the Hepsia Control Panel that comes with the semi-dedicated accounts is devoted to ModSecurity and it shall enable you to start and stop the firewall for any site or enable a detection mode. With the last mentioned, ModSecurity shall not take any action, but it will still detect possible attacks and shall keep all information within a log as if it were completely active. The logs can be found in the same section of the CP and they include specifics about the IP where an attack came from, what its nature was, what rule ModSecurity applies to identify and stop it, and so on. The security rules that we use on our web servers are a mix of commercial ones from a security company and custom ones made by our system admins. Consequently, we provide increased security for your web programs as we can defend them from attacks even before security firms release updates for brand new threats.

ModSecurity in VPS Servers

All VPS servers which are set up with the Hepsia Control Panel come with ModSecurity. The firewall is set up and turned on by default for all domains which are hosted on the server, so there will not be anything special which you'll have to do to protect your websites. It shall take you just a click to stop ModSecurity if necessary or to activate its passive mode so that it records what occurs without taking any measures to stop intrusions. You will be able to look at the logs created in passive or active mode via the corresponding section of Hepsia and discover more about the form of the attack, where it came from, what rule the firewall employed to take care of it, etcetera. We use a mix of commercial and custom rules so as to make sure that ModSecurity shall prevent as many threats as possible, hence enhancing the protection of your web apps as much as possible.

ModSecurity in Dedicated Servers

ModSecurity is provided by default with all dedicated servers that are set up with the Hepsia CP and is set to “Active” automatically for any domain you host or subdomain that you create on the hosting server. In case that a web app does not work properly, you may either turn off the firewall or set it to work in passive mode. The latter means that ModSecurity will maintain a log of any potential attack which may happen, but won't take any action to prevent it. The logs produced in active or passive mode shall offer you more details about the exact file that was attacked, the form of the attack and the IP it came from, and so forth. This info shall permit you to choose what steps you can take to boost the security of your Internet sites, for instance blocking IPs or carrying out script and plugin updates. The ModSecurity rules which we use are updated frequently with a commercial package from a third-party security enterprise we work with, but occasionally our staff add their own rules too if they identify a new potential threat.