ModSecurity is an effective firewall for Apache web servers which is used to prevent attacks toward web apps. It monitors the HTTP traffic to a specific site in real time and blocks any intrusion attempts as soon as it identifies them. The firewall relies on a set of rules to do that - as an example, attempting to log in to a script admin area without success a few times sets off one rule, sending a request to execute a specific file which could result in getting access to the site triggers a different rule, and so forth. ModSecurity is one of the best firewalls available on the market and it will secure even scripts that aren't updated often since it can prevent attackers from using known exploits and security holes. Very comprehensive data about each and every intrusion attempt is recorded and the logs the firewall maintains are a lot more detailed than the regular logs generated by the Apache server, so you could later analyze them and determine if you need to take additional measures in order to improve the security of your script-driven websites.

ModSecurity in Cloud Website Hosting

ModSecurity is available with each cloud website hosting plan which we offer and it is turned on by default for every domain or subdomain that you include through your Hepsia Control Panel. In case it disrupts any of your applications or you would like to disable it for any reason, you will be able to achieve that through the ModSecurity section of Hepsia with merely a click. You can also activate a passive mode, so the firewall will detect potential attacks and keep a log, but will not take any action. You'll be able to see comprehensive logs in the very same section, including the IP address where the attack originated from, what exactly the attacker tried to do and at what time, what ModSecurity did, etcetera. For max security of our clients we use a set of commercial firewall rules mixed with custom ones that are added by our system admins.

ModSecurity in Semi-dedicated Servers

ModSecurity is part of our semi-dedicated server plans and if you opt to host your Internet sites with our company, there shall not be anything special you'll have to do as the firewall is activated by default for all domains and subdomains that you include through your hosting CP. If needed, you can disable ModSecurity for a given site or activate the so-called detection mode in which case the firewall will still work and record info, but won't do anything to stop possible attacks against your sites. Thorough logs will be available within your CP and you'll be able to see which kind of attacks occurred, what security rules were triggered and how the firewall dealt with the threats, what IP addresses the attacks originated from, etcetera. We employ two sorts of rules on our servers - commercial ones from a firm which operates in the field of web security, and custom made ones that our administrators sometimes include to respond to newly identified threats in a timely manner.

ModSecurity in VPS Servers

All VPS servers that are offered with the Hepsia Control Panel include ModSecurity. The firewall is installed and activated by default for all domains that are hosted on the server, so there shall not be anything special that you will have to do to protect your Internet sites. It shall take you only a click to stop ModSecurity if required or to activate its passive mode so that it records what goes on without taking any actions to stop intrusions. You will be able to look at the logs produced in passive or active mode via the corresponding section of Hepsia and discover more about the type of the attack, where it came from, what rule the firewall employed to deal with it, etc. We employ a mix of commercial and custom rules so as to ensure that ModSecurity shall prevent as many risks as possible, thus increasing the security of your web apps as much as possible.

ModSecurity in Dedicated Servers

ModSecurity is offered by default with all dedicated servers which are set up with the Hepsia CP and is set to “Active” automatically for any domain you host or subdomain that you create on the web server. In the event that a web application doesn't work correctly, you may either turn off the firewall or set it to operate in passive mode. The second means that ModSecurity shall maintain a log of any potential attack which may take place, but shall not take any action to stop it. The logs created in active or passive mode shall provide you with additional details about the exact file which was attacked, the nature of the attack and the IP address it originated from, etcetera. This info will permit you to choose what steps you can take to enhance the safety of your sites, such as blocking IPs or carrying out script and plugin updates. The ModSecurity rules we employ are updated regularly with a commercial package from a third-party security firm we work with, but sometimes our staff add their own rules as well if they find a new potential threat.