ModSecurity is a powerful firewall for Apache web servers which is used to stop attacks toward web apps. It tracks the HTTP traffic to a specific site in real time and prevents any intrusion attempts the moment it discovers them. The firewall relies on a set of rules to accomplish that - for instance, trying to log in to a script admin area without success a few times triggers one rule, sending a request to execute a specific file which could result in getting access to the website triggers another rule, and so on. ModSecurity is among the best firewalls out there and it will protect even scripts that aren't updated on a regular basis since it can prevent attackers from using known exploits and security holes. Quite comprehensive information about every intrusion attempt is recorded and the logs the firewall keeps are far more specific than the conventional logs created by the Apache server, so you may later examine them and decide if you need to take more measures in order to boost the safety of your script-driven Internet sites.

ModSecurity in Cloud Web Hosting

ModSecurity comes by default with all cloud web hosting packages which we provide and it will be switched on automatically for any domain or subdomain which you add/create in your Hepsia hosting Control Panel. The firewall has three different modes, so you could switch on and disable it with simply a mouse click or set it to detection mode, so it shall maintain a log of all attacks, but it will not do anything to prevent them. The log for any of your websites will include elaborate information including the nature of the attack, where it came from, what action was taken by ModSecurity, and so on. The firewall rules which we use are frequently updated and include both commercial ones which we get from a third-party security business and custom ones that our system admins add in the event that they detect a new kind of attacks. This way, the Internet sites which you host here shall be much more protected with no action expected on your end.

ModSecurity in Semi-dedicated Servers

All semi-dedicated server solutions that we offer include ModSecurity and because the firewall is switched on by default, any website you set up under a domain or a subdomain shall be secured right away. An individual section inside the Hepsia CP that comes with the semi-dedicated accounts is dedicated to ModSecurity and it shall permit you to start and stop the firewall for any Internet site or activate a detection mode. With the last option, ModSecurity won't take any action, but it shall still detect possible attacks and will keep all info within a log as if it were fully active. The logs can be found inside the very same section of the Control Panel and they offer details about the IP where an attack came from, what its nature was, what rule ModSecurity applies to recognize and stop it, etcetera. The security rules that we use on our servers are a mix between commercial ones from a security company and custom ones made by our system administrators. Consequently, we provide increased security for your web apps as we can protect them from attacks even before security firms release updates for new threats.

ModSecurity in VPS Servers

ModSecurity is provided with all Hepsia-based VPS servers we offer and it'll be switched on automatically for every new domain or subdomain that you add on the hosting server. That way, any web application you install will be protected immediately without doing anything by hand on your end. The firewall may be managed through the section of the CP that bears the same name. This is the location whereyou can turn off ModSecurity or let its passive mode, so it shall not take any action towards threats, but will still keep a detailed log. The recorded information is available within the same area as well and you will be able to see what IPs any attacks came from to enable you to block them, what the nature of the attempted attacks was and based upon what security rules ModSecurity responded. The rules we use on our servers are a blend between commercial ones that we get from a security organization and custom ones which are added by our admins to enhance the protection of any web apps hosted on our end.

ModSecurity in Dedicated Servers

ModSecurity is provided by default with all dedicated servers that are set up with the Hepsia Control Panel and is set to “Active” automatically for any domain that you host or subdomain you create on the web server. In case that a web application doesn't operate correctly, you may either disable the firewall or set it to work in passive mode. The latter means that ModSecurity shall keep a log of any possible attack that may happen, but will not take any action to prevent it. The logs generated in passive or active mode will provide you with more details about the exact file that was attacked, the type of the attack and the IP address it originated from, etcetera. This info shall allow you to decide what steps you can take to boost the safety of your Internet sites, such as blocking IPs or carrying out script and plugin updates. The ModSecurity rules which we use are updated frequently with a commercial package from a third-party security company we work with, but oftentimes our staff include their own rules also in case they discover a new potential threat.