ModSecurity is an efficient firewall for Apache web servers that's employed to stop attacks towards web apps. It keeps track of the HTTP traffic to a specific website in real time and prevents any intrusion attempts the moment it identifies them. The firewall relies on a set of rules to do that - as an example, attempting to log in to a script administrator area unsuccessfully a few times sets off one rule, sending a request to execute a particular file that could result in getting access to the Internet site triggers a different rule, and so on. ModSecurity is amongst the best firewalls on the market and it'll secure even scripts which aren't updated frequently because it can prevent attackers from using known exploits and security holes. Very comprehensive info about each and every intrusion attempt is recorded and the logs the firewall maintains are considerably more detailed than the standard logs provided by the Apache server, so you can later analyze them and determine if you need to take additional measures in order to boost the protection of your script-driven sites.

ModSecurity in Web Hosting

ModSecurity is available on all web hosting machines, so if you decide to host your sites with our business, they will be resistant to a wide array of attacks. The firewall is turned on as standard for all domains and subdomains, so there'll be nothing you will have to do on your end. You'll be able to stop ModSecurity for any site if necessary, or to switch on a detection mode, so all activity shall be recorded, but the firewall shall not take any real action. You shall be able to view detailed logs via your Hepsia Control Panel including the IP address where the attack originated from, what the attacker wanted to do and how ModSecurity handled the threat. Since we take the safety of our customers' sites very seriously, we use a group of commercial rules that we take from one of the leading companies that maintain this type of rules. Our admins also include custom rules to ensure that your Internet sites shall be protected against as many threats as possible.

ModSecurity in Semi-dedicated Servers

All semi-dedicated server packages that we offer feature ModSecurity and because the firewall is switched on by default, any Internet site which you set up under a domain or a subdomain shall be protected right from the start. An independent section within the Hepsia Control Panel which comes with the semi-dedicated accounts is devoted to ModSecurity and it will allow you to start and stop the firewall for any site or switch on a detection mode. With the last option, ModSecurity shall not take any action, but it shall still recognize possible attacks and will keep all data in a log as if it were completely active. The logs can be found inside the very same section of the CP and they offer details about the IP where an attack came from, what its nature was, what rule ModSecurity applies to recognize and stop it, etc. The security rules which we use on our web servers are a mix of commercial ones from a security company and custom ones made by our system administrators. As a result, we provide greater security for your web programs as we can protect them from attacks even before security firms release updates for new threats.

ModSecurity in VPS Servers

Protection is essential to us, so we install ModSecurity on all VPS servers that are provided with the Hepsia Control Panel by default. The firewall can be managed through a dedicated section within Hepsia and is switched on automatically when you include a new domain or generate a subdomain, so you'll not need to do anything by hand. You will also be able to deactivate it or activate the so-called detection mode, so it will keep a log of possible attacks you can later study, but shall not stop them. The logs in both passive and active modes include information about the kind of the attack and how it was stopped, what IP it originated from and other important data that could help you to tighten the security of your sites by updating them or blocking IPs, for instance. On top of the commercial rules that we get for ModSecurity from a third-party security company, we also implement our own rules since occasionally we discover specific attacks which are not yet present inside the commercial package. That way, we can improve the security of your Virtual private server instantly as opposed to waiting for a certified update.

ModSecurity in Dedicated Servers

ModSecurity is offered as standard with all dedicated servers which are set up with the Hepsia Control Panel and is set to “Active” automatically for any domain which you host or subdomain that you create on the server. In the event that a web application does not function properly, you could either turn off the firewall or set it to function in passive mode. The second means that ModSecurity shall keep a log of any possible attack which may occur, but will not take any action to stop it. The logs produced in passive or active mode shall give you more details about the exact file that was attacked, the form of the attack and the IP address it originated from, etc. This data shall allow you to determine what actions you can take to increase the protection of your websites, including blocking IPs or carrying out script and plugin updates. The ModSecurity rules which we use are updated constantly with a commercial package from a third-party security enterprise we work with, but sometimes our admins include their own rules too if they discover a new potential threat.