ModSecurity is a powerful firewall for Apache web servers that is employed to stop attacks toward web apps. It keeps track of the HTTP traffic to a specific website in real time and prevents any intrusion attempts the moment it identifies them. The firewall uses a set of rules to do that - for example, attempting to log in to a script admin area unsuccessfully a few times sets off one rule, sending a request to execute a certain file that could result in accessing the website triggers another rule, and so on. ModSecurity is among the best firewalls out there and it'll secure even scripts that are not updated frequently since it can prevent attackers from employing known exploits and security holes. Quite thorough data about each intrusion attempt is recorded and the logs the firewall keeps are much more detailed than the regular logs provided by the Apache server, so you can later examine them and determine whether you need to take more measures in order to enhance the safety of your script-driven sites.

ModSecurity in Web Hosting

We offer ModSecurity with all web hosting packages, so your Internet applications will be shielded from harmful attacks. The firewall is turned on as standard for all domains and subdomains, but in case you would like, you shall be able to stop it through the respective section of your Hepsia Control Panel. You could also switch on a detection mode, so ModSecurity shall keep a log as intended, but will not take any action. The logs that you shall discover within Hepsia are incredibly detailed and feature data about the nature of any attack, when it took place and from what IP, the firewall rule that was triggered, etc. We use a range of commercial rules which are regularly updated, but sometimes our administrators add custom rules as well in order to efficiently protect the websites hosted on our servers.

ModSecurity in Semi-dedicated Servers

ModSecurity is part of our semi-dedicated server plans and if you decide to host your sites with our company, there won't be anything special you'll have to do as the firewall is turned on by default for all domains and subdomains you include through your hosting Control Panel. If required, you can disable ModSecurity for a certain Internet site or enable the so-called detection mode in which case the firewall shall still work and record info, but shall not do anything to prevent potential attacks on your websites. In depth logs will be accessible within your CP and you'll be able to see what type of attacks occurred, what security rules were triggered and how the firewall handled the threats, what Internet protocol addresses the attacks originated from, and so on. We employ 2 types of rules on our servers - commercial ones from a company which operates in the field of web security, and custom ones that our admins occasionally add to respond to newly discovered threats on time.

ModSecurity in VPS Servers

Protection is vital to us, so we install ModSecurity on all VPS servers that are provided with the Hepsia Control Panel as a standard. The firewall could be managed through a dedicated section in Hepsia and is switched on automatically when you include a new domain or create a subdomain, so you won't have to do anything personally. You shall also be able to disable it or turn on the so-called detection mode, so it'll keep a log of potential attacks you can later examine, but shall not block them. The logs in both passive and active modes contain info regarding the type of the attack and how it was eliminated, what IP it came from and other valuable data which could help you to tighten the security of your sites by updating them or blocking IPs, for instance. On top of the commercial rules that we get for ModSecurity from a third-party security enterprise, we also employ our own rules as occasionally we find specific attacks which are not yet present inside the commercial group. This way, we can easily boost the protection of your VPS immediately as opposed to awaiting a certified update.

ModSecurity in Dedicated Servers

ModSecurity is offered as standard with all dedicated servers which are set up with the Hepsia Control Panel and is set to “Active” automatically for any domain which you host or subdomain which you create on the server. In case that a web application does not operate properly, you may either switch off the firewall or set it to function in passive mode. The second means that ModSecurity shall maintain a log of any potential attack that may happen, but won't take any action to stop it. The logs generated in active or passive mode shall present you with more details about the exact file that was attacked, the nature of the attack and the IP address it came from, and so on. This info shall allow you to choose what measures you can take to increase the protection of your Internet sites, for instance blocking IPs or carrying out script and plugin updates. The ModSecurity rules we employ are updated frequently with a commercial bundle from a third-party security firm we work with, but sometimes our staff include their own rules also in the event that they discover a new potential threat.